Cyberthreats are an unfortunate reality for data centers, which face many challenges in preventing breaches. The likelihood of an attack has been increasing in recent years, with over 40 percent of respondents in a Carbonite survey reporting that threats from hackers, ransomware and other malware have risen significantly.
Cybersecurity damages are in the billions of dollars each year, making the prospect of attacks a pressing issue for data centers. Small- and medium-size businesses (SMBs) are especially prone to cyberattacks, as they tend to lack the security and resources to protect themselves, unlike large companies. A Ponemon Institute survey finds that 68 percent of SMBs perceive themselves as “vulnerable” or “very vulnerable” to cyberattacks.
Potential for Data Loss and Downtime
The primary threat of cyberattacks is data loss and downtime, which can lead to failure to meet recovery-time objectives (RTOs), difficulty in recovering the data and other privacy concerns. Since even a few minutes of downtime can have a catastrophic impact on a business, solutions for defending and reacting to cyberthreats are essential to the stability of a business.
The potential for data loss and downtime renders cybersecurity drills a necessity. Similar to ensuring that fire protocols are running smoothly during an actual fire, companies should prepare for a cyberattack before one occurs. An entire business should be involved in cybersecurity drills, as well as in general monitoring and analysis to ensure everything is in place for optimal defense. An established breach-response plan can effectively combat cyberthreats by minimizing the damage or avoiding it entirely.
Downtime is costly, with a single minute of downtime costing the average business over $8,800 in lost function, productivity and repairs. The downtime may also result from an uninterruptible power supply (UPS) failure, human error or demand failures, though cybersecurity incidents have increased 20 percent since 2010. Downtime’s costliness makes preparation for cyberthreats a necessity for businesses of all sizes.
How to Inform Customers of a Cyberattack
In addition to acquainting all employees with the breach-response plan, a company should establish a protocol for informing customers and clients about a cyberthreat. The massive cyberattack on Equifax is a lesson on what not to do with regard to informing customers. Having executives charged with insider trading after the attack is bad form, demonstrating the company’s unwillingness to inform customers immediately after learning of the breach. Equifax is therefore in the midst of a deserved PR nightmare. As a result, it now has the unsavory reputation of putting shareholders and profits ahead of customer interests.
A balance of immediate action and transparency with customers is the right way to inform customers of a cyberattack. Immediately after learning of the attack, send out a comprehensive email or phone call to customers, informing them of the event and precautions they can take, including changing their passwords and monitoring their credit histories. Then, reassure them that the business is working ceaselessly to address and repair the issue, in addition to implementing protocols to ensure such an attack isn’t successful again.
Transparency, prompt action and a savvy PR statement can go a long way in addressing the issue at the customer level.
Be Selective When Choosing Vendors
A productive approach to take when choosing vendors is to imagine the worst-case scenario. How will this vendor help in the event of a cyberattack? During the contract-negotiation phase, have the vendor elaborate on its policy regarding cyberattacks, as well as its willingness to participate in companywide prevention drills. Some prospective vendors may be unwilling to participate in the drill or provide a rapid response alongside. In this case, consider a different vendor. The threat of cyberattacks is serious enough to be a deal breaker when selecting vendors.
Find a vendor that offers comprehensive support. It should ideally provide secure content-delivery services as well as DDoS-attack protection, in addition to being involved in disaster-response drills. Selectivity is a big aspect of the vendor-selection process, so set aside time to speak in detail with candidates. Note their offers, both monetary and the actions they intend to take, while logging all relevant information on a spreadsheet. After meeting with prospective vendors, weigh the benefits and detriments of each option, while using the competing offers and features as leverage in the negotiation process.
Hybrid Backup Strategies
Because not all data vendors participate in cybersecurity drills, many companies are resorting to hybrid backup strategies to ensure protection if a cyberattack occurs. About 38 percent of IT professionals report using a combination of on- and off-site backup strategies. The usefulness of a hybrid backup approach is that it makes exploiting both on- and off-site backups difficult, since they operate with different security protocols.
The IoT is also affecting data center security, primarily by increasing the need to be active as the quantity and quality of resources and data grows. New IoT devices are common additions to APIs and other systems that perform data analysis, with these devices causing network usage and demand to increase. According to one projection, IoT will generate roughly 44 trillion gigabytes of data by 2020, with this data-demand increase requiring cloud or hybrid data center deployment to ensure comprehensive security.
There are a variety of ways to handle cybersecurity drills. The drill needn’t always encompass a full-scale cyberattack. Smaller-scale drills are realistic if they occur frequently. But full-scale drills are necessary from time to time, though starting employees off with a small-scale one is an excellent way to bring them gradually and cohesively into the process. Plus, SMBs may lack the resources to regularly hold large-scale drills.
Attack-simulation tests are useful for analyzing every facet of a response protocol. Runbook tabletop drills detail written guidance for identification, containment, eradication and recovery from a cyberattack, and they’re also beneficial in ensuring that everyone knows their role when a cyberattack occurs. Tabletop drills are useful on a smaller scale and as a basis for planning general drills, but don’t rely on them exclusively.
A useful feature of a cybersecurity drill is ensuring that backups are operational and ready. Although most companies realize they have backups, whether those backups are accessible and valid is an entirely different question. Plus, some ransomware can wipe out backups, so drills are necessary to ensure they’re protected and recoverable even after a sophisticated cyberattack.
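One way to run the backup check described above during a drill, as an added example that is not part of the original article: restore the backup to a scratch location, verify every file against hashes recorded at backup time, and compare the elapsed time with the RTO. The function names, the tar.gz format, the manifest layout and the sample files are assumptions made for illustration.

```python
import hashlib, io, tarfile, tempfile, time, zlib
from pathlib import Path

def make_backup(files):
    """Build an in-memory tar.gz from {name: bytes}; stands in for a real backup."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def restore_drill(archive, manifest, rto_seconds):
    """Restore to a scratch directory, verify every file, compare time to the RTO."""
    problems, start = [], time.perf_counter()
    with tempfile.TemporaryDirectory() as scratch:
        root = Path(scratch).resolve()
        try:
            with tarfile.open(fileobj=io.BytesIO(archive), mode="r:gz") as tar:
                for member in tar:
                    if not member.isfile():
                        continue  # this drill restores regular files only
                    dest = (root / member.name).resolve()
                    if not dest.is_relative_to(root):
                        problems.append(f"refused entry: {member.name}")
                        continue
                    dest.parent.mkdir(parents=True, exist_ok=True)
                    dest.write_bytes(tar.extractfile(member).read())
        except (tarfile.TarError, EOFError, OSError, zlib.error) as exc:
            problems.append(f"archive unreadable: {exc}")
        # A backup is valid only if each expected file restores with the recorded hash.
        for name, expected in manifest.items():
            path = root / name
            if not path.is_file():
                problems.append(f"missing after restore: {name}")
            elif hashlib.sha256(path.read_bytes()).hexdigest() != expected:
                problems.append(f"hash mismatch: {name}")
    elapsed = time.perf_counter() - start
    if elapsed > rto_seconds:
        problems.append(f"restore took {elapsed:.3f}s, over the RTO of {rto_seconds}s")
    return {"ok": not problems, "elapsed": elapsed, "problems": problems}

# Constructed sample data: two small files and the manifest recorded at backup time.
FILES = {"db/customers.csv": b"id,name\n1,alice\n", "etc/app.conf": b"mode=prod\n"}
MANIFEST = {n: hashlib.sha256(d).hexdigest() for n, d in FILES.items()}

if __name__ == "__main__":
    good = make_backup(FILES)
    for label, blob in [("good", good), ("truncated", good[: len(good) // 2])]:
        print(label, restore_drill(blob, MANIFEST, rto_seconds=60)["problems"])
```

Keeping the manifest somewhere separate from the backup itself means a backup that was altered or wiped cannot also rewrite the hashes it is checked against.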
Cloud backups tend to be an issue, since most major cloud vendors only participate in disaster-preparation drills with large businesses. In this scenario, knowing the extent to which the vendor plans to help is important. During a drill, assume the vendor won’t help at all. Other aspects to note during a drill include DDoS-attack resilience, data breaches, malware attacks and physical issues, such as problems with the cooling system, router, server or power infrastructure.
Thus, it’s vital that data center operators do everything possible to protect themselves from cyberattacks. By following these protocols, they can tip the scales in their favor so that data will remain safe.
About the Author
Kayla Matthews is a technology writer and reporter, contributing to websites like VentureBeat, VICE, MakeUseOf and TechnoBuffalo. Visit ProductivityBytes.com to read more recent posts by Kayla.