Sign in to my dashboard Create an account
Menu

Building an effective cyber resilience strategy

Protect your data from the inside out

encrypted sd card on key chain
Contents

Share this page

Jason Blosil Author Photo
Jason Blosil
285 views

At one time, having a cybersecurity strategy that stopped the enemy at the gate by fortifying the perimeter provided effective protection. But remote work, bring-your-own-device policies, and a proliferation of endpoints add hundreds or even thousands of gates to defend. It’s more than already-overwhelmed IT teams can handle, making it easier than ever for cybercriminals to succeed in their attacks. Here’s how you can build a cyber resilience strategy that keeps pace with ever-evolving criminal tactics.

Focus on what matters most—your data

For many organizations, it’s easy to forget that the goal of cyber resilience isn’t to prevent intrusions; it’s to prevent intrusions from disrupting your organization’s business operations by protecting its most valuable asset—its data. When your data becomes your primary focus, it’s easier to tackle your cyber resilience needs. Your first step is to understand your current state by working through the following questions:

  • Where is my data located? In the cloud? On premises? At the edge? In multiple geographies?
  • What kind of data do I have? (Examples: payment card information, social security numbers, employee salaries, trade secret information)
  • Who or what has permission to access my data?
  • How can I quickly monitor user behavior for suspicious activity across my global network?
  • How can I quickly identify and block malicious activity?
  • How can I make sure that all my data is safe while I determine the blast radius of an attack?
  • How can I bring my data and applications back online, in minutes, if an attack occurs?
  • How can I investigate the source of a threat so that I have enough information to prevent future similar attempts?
  • How can I build protection directly within or around my data so that it can “self-protect” quickly, while we’re identifying and addressing a threat?

By answering these questions, you create the skeleton for a data-centric cyber resilience plan that will help your organization be prepared for cyberattacks.

Five steps for creating a cyber resilience strategy from the inside out

A good cyber resilience strategy is all about building in data protection and data-centric security instead of bolting it on as an afterthought. Following these five steps can help you protect your data and bounce back quickly if an attack does occur.

  1. Identify: Take stock of your environment. Assess your current data protection and security. Classify different types of data, determine where the types are stored, and evaluate file access permissions. Ask yourself questions like, “are my volumes public?” Without the right tools, this can be a time-consuming task, but if it’s not done, it can create a lot of confusion down the road in terms of both protection and recovery.
  2. Protect: Put your defenses in place. Encrypt your data, conduct regular backups, ensure proper infrastructure management and access control (for example, multiadmin verification, RBAC, MFA), implement perimeter defenses, update vulnerable operating systems and applications, and train users about cybersecurity best practices. Do what you need to block malicious users, thwart infection, and prevent data deletion.
  3. Detect: Stay one step ahead. Put systems in place that identify suspicious activity before it becomes an existential threat. This includes monitoring user behavior and detecting anomalies in storage or file system behavior.
  4. Respond: Know what to do in a crisis. Put together a disaster recovery and business continuity plan and test it constantly, including operational response as well as automated responses. Make sure that all team members know their responsibilities in an emergency. Update your plan as threats evolve and lessons are learned in the aftermath of attacks. Be sure to share all plan updates with internal and external stakeholders so that there is a cohesive response if an attack occurs.
  5. Recover: Get back to normal in no time. Reduce downtime by applying intelligent forensics to identify the source of the threat and target which data to restore first. Rapidly restoring data can help accelerate operational recovery and enable bringing critical applications back online.

Learn more

If you’re looking to get started quickly, check out NetApp® cyber resilience solutions. They can help at every stage of the plan. And if you’ve already invested in cybersecurity tools, NetApp can integrate with them so you can close gaps instead of starting over from the beginning.

Jason Blosil

Jason is a business and marketing professional with over 20 years of product marketing, product management, and corporate finance experience. Since joining NetApp in 2008 he has been focused on SAN and NAS storage, backup and disaster recovery solutions, and cloud data services. When not in the office, you can find him cycling, cooking, enjoying time with family, and volunteering at his church and in the community.

View all Posts by Jason Blosil

Next Steps

Drift chat loading