The rise in ransomware attacks and their graver outcomes emphasize a challenging truth. While many organizations possess a data resilience plan encompassing Business Continuity and Disaster Recovery (BC/DR), the technologies and processes intended for data resilience may not effectively foster genuine cyber resilience in the current ransomware landscape. To build a cyber-resilient organization, it is essential to implement communication, collaboration, security tools, authentication mechanisms, backup solutions, and various other tactics. To deliberate and democratize solutions to the evolving threat landscape, Cohesity recently hosted a unique on-site event in Bangalore at ITC Gardenia. The event united real-time cyber response, comprehensive AI insights, and a worldwide perspective. Below are some of the opinions echoed during the discussion and the highlights of the conclusions.

Mayank Mishra, Regional Sales Director – India & SAARC, Cohesity, says, “We aim to safeguard, secure, and provide insights into global data, and the justification for this is reflected in the statistics. Data protection and data security are quite alike and are becoming increasingly interconnected. If you inquire with any CIO, CISO, or decision-makers in IT within a company, a primary area of concern is cyber resilience. “

Johnny Kuram, VP – Emerging Markets, Cohesity, says, “The objective is to rotate roles so that they can grasp the issue from various angles. For instance, a CEO might not have the perspective of a financial controller. By changing roles, individuals experience a learning curve related to the significance of that position, and ultimately, everyone gains a new viewpoint.”

James Blake, Global Cyber Resilience Strategist at Cohesity, says, “Destructive cyberattacks, such as ransomware and wiper attacks, are more of a certainty than a possibility, threatening operational continuity. Companies can address these challenges head-on by bolstering their cyber resilience—described as the ability to quickly respond to and recover from cyber incidents or unforeseen disruptions—by adopting modern data security, response, and recovery solutions.”

How to Improve an Organization’s Cyber Resilience?

To strengthen an organization's capability to withstand cyber threats, it's essential to implement a comprehensive strategy that includes prevention, safeguarding, reaction, and recuperation. This involves anticipatory risk management, strong security measures, efficient incident response planning, and ongoing enhancement through training, evaluation, and observation. Here are the five steps to follow:

1. Protect all Data with Global Governance

It may seem straightforward, but many organizations still fail to take this vital initial step, and data sprawl is often the reason. Natural data expansion has resulted in fragmentation and silos, significantly increasing the attack surface and leaving organizations more vulnerable than ever. Additionally, overseeing and safeguarding data at scale is increasingly taxing on operational efficiency. This combination of more data being stored in more locations and a diminished capacity to manage it effectively has established the ideal circumstances for attackers to cause disruption.

Also Read:  CFOs Gearing Up for Growth in 2025

2. Ensure Backups Are Always Recoverable

Cybercriminals often target backups. They understand that if they can compromise this final safeguard, the victim will be much more inclined to pay the ransom because the organization will lack alternative options. Although it may be tempting to believe that a modern platform automatically ensures recoverable backups, this is not entirely accurate. Organizations must implement redundancies to increase the challenge for attackers and to ensure that your organization can retrieve clean backups if they succeed.

3. Detect and Investigate Threats

This stage pertains to the synergistic effect of threat scanning and threat hunting functionalities. Organizations should adopt a proactive approach by frequently examining the backups for potential threats and considering threat scanning as akin to maintaining regular hygiene practices. It will assist in:  

• Detecting any alterations as swiftly as possible  

• Recognizing malware or other weaknesses  

Organizations should also develop their threat-hunting capabilities when tackling specific threats. For example, Cohesity's curated threat feeds and collaborations with security ecosystem vendors within the Data Security Alliance, including CrowdStrike, Palo Alto Networks, Cisco, and others, provide the benefits of their collective knowledge alongside the data they supply to these systems. This facilitates collaboration between the InfoSec and IT teams in the organization using a cohesive set of information.

4. Prepare, Practice, and Recover from Incidents

In terms of readiness, most organizations are likely to have a solid foundation in cybersecurity. Organizations should start elevating their preparedness by rehearsing their response and recovery processes. After all, those affected do not wish to encounter such situations for the first time during a real attack when their systems are compromised and the pressure mounts.  

Creating a dedicated environment for performing forensic analysis, allowing teams to thoroughly examine compromised data, comprehend the events that occurred, eliminate any remnants of the attack, and ensure that systems are secure for recovery is crucial.

 

This method provides a distinctive combination of speed, automation, and robust forensics, facilitating collaboration between incident responders and IT teams.

Also Read: Will PM Modi's Visit to the US Strengthen Economic Growth?

5. Reducing Risk from Data Theft

As ransomware attacks become increasingly severe, the volume of data to oversee, whether on-premises, in SaaS, on the cloud, or at the edge, has reached unprecedented levels. People often wonder what valuable information might be stored in that unsecured S3 bucket that lacks proper monitoring or oversight. Potential hidden dangers besides unsecured S3 buckets include abandoned databases, exposed credentials, and other vulnerabilities. Implementing proactive strategies such as Data Security Posture Management (DSPM) and data classification can be effective in mitigating these risks.