Easi was this year invited to participate to the Dell World event #DellTechTour In the hustling & bustling city of Las Vegas. Over the course of several engaging days, me and Georges Nicolacopoulos learned a lot during these days.
Among the myriad of topics covered, four key areas stood out as critical focus points to us:
In this blog, we will explore the first key takeaways
Cyber Resilience & Recovery:
One of the major key takeaways @ Dell World event, was the increasing importance of Cyber Resilience and Cyber Recovery strategies.
This is also a major focus for Easi, we participated to several sessions to make sure we are up to date with the latest news.
With cyber attacks becoming more sophisticated, the focus on cyber resilience and recovery highlighted the critical role of technology in mitigating risks and ensuring the integrity of data and systems.
First it is important to understand the difference of nature between a disaster recovery strategy and a cyber recovery strategy. Disaster recovery strategy tend to focus on physical disasters such as fire & water damage, earth quakes, equipment failure etc. These type of disasters happen but are very rare in the real life world and are very clear for an organisation when they occur.
The disaster recovery strategies are rather straight forward which implies often the automatic/manual fail over to a secondary room or data center. When a good DR plan exists, which is up to date and regularly tested, the recovery time can be between minutes and 1 day.
A Cyber recovery disaster has a much larger impact on the organization as the outage is larger than a physical disaster. The production environment becomes essentially a crime scene and should be handled in such a way. When such an event occurs, an organisation is no longer sure of the trustworthiness of all the components in the IT Landscape. The components are not only the servers but also the end-clients, network devices etc. Even when a good CR plan exist, recovery time can take up to days, even weeks and months to become fully operational again.
To prepare your organisation for Cyber resilience & recovery, a Cyber Recovery DR strategy book should be created.
The Cyber Recovery Disaster strategy is not solely an IT project but is a collaboration between the CIO, CISO, IT department and business.These kind of projects require a thoughtful strategy to be followed before implementation. This goes much further then just offering/receiving a BOM (Bill of Material ), which is clearly the wrong way of approaching such a project.
The recovery strategy:
Regulations:
The regulations regarding the protection and recovery of data becomes more and more strict.
One of these directives is the NIS2 directive that will touch several additional verticals such as Food - ICT Service Management, Public Administration and so on
There is a clear chapter that describes how organizations should handle backups on the website of Centre for Cyber Security Belgium
CCB – Cyber Fundamentals Protect (PR) Information Protection Processes and Procedures
https://ccb.belgium.be/sites/default/files/cyberfundamentals/CYFUN_ESSENTIAL_EN_20230301.pdf
Contact:
We are sure you still will have a lot of questions, for the answers, please contact your DR & Backup Specialists
Blog Articles
Read more on the following blog articles
https://blog.easi.net/en/backup-your-last-line-of-defense
https://blog.easi.net/en/how-your-backups-can-protect-you-from-ransomware