Three steps to greater cyber resilience

The figures are alarming: according to the Global Data Protection Index 2024 from Dell Technologies, 75 percent of companies surveyed worldwide fear that their data protection measures are not sufficient to ward off threats from malware and ransomware. Almost as many (74 percent) are concerned that their backup data could be infected or corrupted in the event of an attack. The threat level is high, so companies have no choice but to strengthen their defenses and improve their cyber resilience. What is needed is a combination of preventative and reactive measures, which includes the following three basic steps:  

• Reduce the attack surface. To protect the confidentiality, integrity and availability of data, companies need to tighten controls. The best solution is to implement a zero-trust architecture. This concept assumes that no user, device or network is trustworthy - not even within the company's IT. Instead, all access to data, applications, systems or network areas is strictly controlled. Only those who have the appropriate authorization and can authenticate themselves are granted access to the infrastructure. This considerably restricts the scope of action of cyber criminals, as they can no longer move freely within the IT infrastructure. The central components of a zero trust architecture are micro-segmentation of the network, identity and access management (IAM) and multi-factor authentication. In addition, companies should not forget basic tasks such as regular backups, continuous software updates and training to raise employee awareness.

• Recognize and contain the current attack. In the event of a cyber attack, a precise roadmap helps to minimize the risk as quickly as possible. Detection and response solutions detect intruders at an early stage and provide helpful information for defense. They collect extensive status and activity data from the entire IT infrastructure and evaluate it. This allows correlations and anomalies to be identified long before the attackers finally strike. However, such solutions require extensive knowledge and a great deal of experience, and very few companies have the relevant experts in-house. It can therefore make sense to obtain detection and response as a managed service from an external partner. Such a fully managed end-to-end solution monitors a company's entire IT environment around the clock and thus ensures a rapid response.

• Restore business operations. If an emergency does occur, companies must be able to restore the affected systems and data quickly and analyze the incident retrospectively to identify opportunities for improvement. A modern data backup solution goes beyond traditional backups and replications, as cyber attackers have long since set their sights on this type of data backup. Storage systems with a so-called retention lock offer protection, preventing tampering with the data so that backups can be stored securely. In addition, copies of particularly important data can be stored in a cyber recovery vault. This data vault is completely sealed off from the rest of the network so that unauthorized persons have no access. In the event of an emergency, all important business data and systems are available for rapid recovery. At the same time, companies need well thought-out and tested emergency plans so that everyone knows what to do and who makes the decisions in the event of a security incident. This prevents valuable time being lost through lengthy coordination processes.

"Indeed, the threat landscape is extremely complex. But it is still possible for companies to get a handle on cyber security and effectively protect themselves from attackers. Implementing essential prevention, response and recovery measures is a crucial step in strengthening your cyber resilience," says Frank Thonüs Managing Director at Dell Technologies Switzerland. "In view of the continuous refinement of attack methods by criminals, it is necessary to regularly review and improve strategies and measures."

Source: www.delltechnologies.com