In this blog post
Security Resilience in a Hybrid Cloud Environment
With increasingly complex hybrid infrastructure and highly sophisticated cybercrimes, safeguarding business has become a top priority for most organizations. Advanced security and resilience must replace a patchwork of cybersecurity and data privacy solutions with an integrated approach to cyber protection that can help organizations stay ahead of modern threats.
GAVS hosted a webinar on ‘Security Resilience in a Hybrid Cloud Environment’ that focused on some of the challenges in securing hybrid infrastructure, the attainability of cyber resilience, how to move beyond traditional strategies and solutions, reducing costs with an integrated approach for real-time protection with AI-powered threat monitoring, detection, automation, and more. This blog captures some of the key discussion points and takeaways from the webinar. The link to the entire webinar is available at the end of the blog.
The webinar was moderated by Kannan Srinivasan, Head of Cybersecurity at GAVS. He has over 21 years of experience in this space, with strong industry domain expertise in the Banking and Insurance sector. The other panelists were Sanjib Mondal who is a Senior Solutions Engineer at Acronis, with over 14 years of experience in the Data Protection and Cyber Protection domain; and Sunny Verma who has eight years of experience and is the Partner Success Manager for APAC at Acronis.
Understanding Cyber Resilience
Cyber resilience focuses on how well an organization can protect itself against cyber attacks and recover while minimizing the long-term impact of such attacks. To achieve the highest levels of maturity in cyber resilience, organizations must start by establishing essential cyber tools for automation, implementing proper cyber risk management policies and processes, ensuring suppliers comply with the risk policies of the organization, and embedding cybersecurity into business strategy.
According to the Acronis Cyber Readiness Report 2021, three out of ten businesses face a cyber attack at least once a day! As remote work in some form is being considered as a permanent work arrangement, there is a rise in demand for remote monitoring and management tools. Simply put, digital trust is under attack. Remote work has increased the exposure to security risks, and evidently, most organizations lack the expertise to deal with the increasingly complex threats. Reportedly, traditional antivirus solutions cannot fend off modern forms of cyber attacks. With the hybrid model of work on the rise, demands for integrated backup and disaster recovery has also been gaining momentum.
Barriers to Achieving Cyber Resilience
Old legacy backup procedures and AV solutions do not support the newer digital environments. These solutions are complex as they have complicated licensing, difficult deployment, and training. They are also expensive as multiple tools incur huge administration costs. Finally, legacy systems have integration difficulties that create gaps in the defense line against cyber attacks compromising security, thus adding additional burden to the management.
To become cyber resilient, businesses must invest in a technology that can simplify, consolidate, and secure. To that end, businesses must focus on investing in a backup solution that will help recover data in the event of a disaster such as a ransomware attack. Nonetheless, this solution should be time-efficient by having robust patch management. Minimal restoration time is critical in ensuring that the system is protected as, more often than not, users skip system updates due to the time it consumes.
Although corporate budget is a driving factor while considering security solutions, having multiple solutions involves different IT members trying to integrate these systems to build one resilient cyber safety measure for the business. There are several overheads that need to be considered while handling multiple vendors for safety measures, such as the increased number of consoles to handle different systems, on-boarding and off-boarding of various stakeholders, health and performance monitoring of each of the systems, backup and disaster recovery processes, reporting, integration and automation gaps, patch management, and vulnerability assessments. Hence, it is strongly advisable to have a single integrated solution that will help protect the environment completely.
NIST Cybersecurity Framework
This framework integrates industry standards, guidelines, and best practices to help organizations effectively manage their cybersecurity risks. The NIST framework helps reduce cyber risks in critical infrastructure and supports organizations to build, strengthen, and manage their cybersecurity program. The framework provides a common language for stakeholders across the organization to better understand their cybersecurity risks. NIST framework consists of five pillars that support creating a holistic and successful cybersecurity plan. These five functions work concurrently and continuously to create the foundation on which other essential elements can be built for successful high-profile cybersecurity risk management:
- Identify infrastructure and devices through auto-discovery, vulnerability assessment, and data protection maps
- Protect the business with remote agent installation, device control, and protection policies management
- Detect by building defenses against malware/ransomware, hard drive health control, dashboards, and reports
- Respond through patch management integrated with backup, malware quarantine, and rescue with bootable media
- Recover with backups and disaster recovery, forensic information in backup, and remote desktop
This blog offers only a high-level gist of the webinar. You can watch the entire discussion, including the poll questions and the experts’ take on audience questions here.
GAVS periodically organizes insightful webinars with GAVS’ tech leaders, the leadership team, and industry thought leaders to explore current and emerging trends. To watch all of our webinar recordings, please visit https://www.gavstech.com/videos/.
