True cyber resilience involves much more than having a disaster recovery (DR) solution. That’s because recovery from a typical DR scenario is different than recovery from a cyber event. Why?
For starters, disaster recovery scenarios usually involve human nature, mother nature, or technical failure:
- An accidentally deleted file
- Storms and other weather events
- Power outages
- Network interruptions
- Hardware failure
These are just a few examples. But typically, when faced with these kind of issues, the IT team will find the latest point-in-time replica of the organization’s systems and data, and then fail over in the cloud. With modern DR solutions, it’s a fairly quick process.
Adjusting to a New Normal
Unfortunately, standard recovery needs are NOT normal these days. Here are some stats that should provide some context for why things are different now. Three years ago, more than 80% of 11:11 Systems’ disaster declarations followed the standard DR model, while less than 20% were situations involving ransomware or other cyberattacks. This year, through the end of June 2023, 100% of our disaster declarations have been cyber recovery related.
This is borne out by recent research on the explosion of cybercrime. Depending on the source, experts estimate a 300%-600% increase in cyberattacks since the start of the Covid-19 global pandemic. The healthcare industry alone saw a 58% increase in cybercrime in the last three years. This emphasizes the scope of the cybercrime problem for organizations of every type.
Why is cyber recovery different? Because even if you have a DR solution or other modern data protection in place, your IT team has no idea when your data was compromised. It could have been six minutes ago — or six months ago. Your latest point-in-time DR replica may be entirely corrupt and unusable. So what can you do?
Identifying Gaps and Understanding Your Risk Profile
Over the last few months, the 11:11 Consulting Team developed an online Cyber Risk Assessment. This questionnaire includes 20 questions about your planning, technology, and procedures — many of the things required for a multi-disciplinary approach to minimize disruption from a cyber event. Knowing where the gaps are can be the first step toward understanding your risk profile. Plus, once you complete the assessment and get your score, we are offering a no-cost, professionally-led cyber readiness discussion with 11:11 Consulting Services professionals. Our consultants have decades of experience addressing cybercrime and showing organizations how to fill in their recovery gaps.
We also just published an infographic outlining some steps to take to become cyber ready. It really brings some clarity to the depth and the breadth of the problem, while providing some steps you can take right now to help your organization become more resilient. These tools will help you assess whether or not you’re cyber recovery ready, just in time for Cybersecurity Awareness Month in October.