Being prepared means you’re 2.5 times more likely to ensure 99.99% uptime for business critical applications[1], so it makes good business sense.
As our understanding of cyber security increases, so does the realisation that security is an ongoing journey, not an end destination.
It’s always going to be a consideration – you’ll never reach a point where security is done or completely ticked off the to-do list – it needs to be a live, moving part of your approach to IT and security practices, ready to evolve as needs change.
With more than 65,000 cyber attacks reported by the Australian Cyber Security Centre in FY20/21[2], there’s a growing understanding that it’s likely not a case of if but when you could be vulnerable and be victim to a security breach.
So if we presume an attack is on the cards, Truis and Dell Technologies can support you in putting systems in place with this in mind.
Practising a presumptive breach makes perfect
By assuming an attack is inevitable, we focus on building resilience so we can be equipped to recover quickly and feel confident that our most essential data can survive a breach and is able to be recovered quickly.
In order to do this properly, you want to bring your IT and security teams together, as ensuring your backup capability survives a cyber event falls squarely in the camp of both security and IT responsibilities.
Exercising your resilience
One way to bring these teams together is to build security exercises around recovery from a cyber event and use this as an opportunity to consider your position within several scenarios and ask: how would a cyber event affect my recovery capability? Or what happens if a cyber event does affect my recovery capability
Scenarios to include – are your backup servers encrypted? Or what would happen if your DNS went down? Have you ever heard someone complain they were too prepared for the cyber attack they suffered? In reality, being at the ready by scheduling test exercises will help you have an up-to-date, confident and robust approach to securing your essential data.
Then consider:
- Could you modernise your backup?
- Could you build and isolate recovery environments?
- What applications are mission critical can I recover them from the bare minimum
Identifying your most essential application can give you an excellent place to start. By starting small, you can build your people, processes and technology around it; this can then become part of your usual business operations and scheduled testing.
Mission critical
What is mission critical to your organisation? Think about your minimum viable organisation – what are the minimum set of IT services you need to continue with operations? So, for example, it might not be email, but it might be the ability to process orders or manage your distribution centre.
Once clear on this, you can identify the data and applications that need the most protection and build from there.
Find out how Truis can assist you in your approach to preventative strategies by accessing a free cyber resiliency assessment for a quick but comprehensive health check that measures your organisation’s ability to detect, respond to and recover.
We will share our expertise and recommendations on the leading solutions that can help you stay protected. Like PowerProtect Cyber Recovery from Dell Technologies, which gives you maximum protection – across cloud-based, multi-cloud and on-premises environments. Protection when and where you need it most, building a resilient security journey and a system that evolves as the security landscape changes.
Book Me In: https://truis.com.au/contact/
[1] Enterprise Strategy Group 2022—The Long Road Ahead to Ransomware Preparedness.
