In the last few years, technology has continued to surge ahead, with many of these new developments taking cybersecurity to new heights. Unfortunately, the same technologies are being used by a growing number of hackers intent on monetizing your personal and professional data. This comes in the form of targeting both traditional and non-traditional devices such as edge devices and virtual cities.
We often assume cyberattacks only happen to mega enterprises such as Walmart, Meta, or Google. These assaults make the front page, but the people most often affected by breaches in data security are not big businesses or countries. Rachel Wilson, a former NSA agent and professional with over 20 years working in cybersecurity, put it best in her recent evaluation of the cybersecurity concerns today, stating, “The key thing for all of us is to recognize that now 70% of that malicious cyber activity is coming after us. It's coming after anyone with two nickels to rub together.”
Wilson explained that cybercriminals don’t target your enterprise or data for personal reasons. They agnostically target you because you are simply vulnerable. As many cybersecurity professionals already know, it is not a question of if a malicious event will occur, but when.
Contemporary Cybersecurity Concerns
The onset of the COVID-19 pandemic made a lot of changes to our physical world, but the virtual landscape also saw immense changes. One study published by McAfee in 2020 indicated that the pandemic saw an 81% increase in attempted cyberattacks.
Over the past two years, cybersecurity risks have greatly increased due to what Wilson referred to as the Three Rs:
- Russia – While the situation might not be as dire as some might worry, Russian cybercriminals continue to raid data around the country. Whether those attacks are organized by the government or not, tense relations between the United States and Russia have certainly increased the frequency of cyberattacks.
- Ransomware – This lucrative form of extortion often involves stealing someone’s data, encrypting it, and offering to give it back for an obscenely large fee. In 2021, this form of cyberattack dealt the most damage to the United States economy, costing U.S. businesses a total of $20 billion. By some estimates, that boils down to a business being attacked once every 10 seconds.
- Resilience – Living through a global pandemic, many of us were, and still are, in a depleted mental state. This often leads to business owners and employees taking risks that make their enterprises even more vulnerable, such as keeping the same passwords, clicking nefarious links, or downloading data from disreputable sources.
These factors, along with the increased amount of remote workers using their own devices, have created ideal opportunities for criminals to compromise valuable data and breach unknown security vulnerabilities. This is particularly nerve wracking when you consider that most hackers need very little time to break into an enterprise.
How You Can Improve Your Enterprise’s Cybersecurity
Fortunately, there are steps you can take to improve your chances of avoiding and recovering from a malicious event. We’ve listed a few of our favorites below:
- Update Your Devices. This might seem like a no-brainer, but you would be surprised by how often people forget to keep their devices up to date. When engineers create an update for a smart device, they work out the bugs and vulnerabilities in the code. All hackers have to do is reverse engineer these fixes to prey on devices without the updates.
- Create A Backup Strategy. If your data is compromised by a malicious event, you will need to make sure you have access to a journal-style snapshot of your data elsewhere. One of the most common strategies is the “3-2-1 Strategy.” This involves having three copies of your data in two geographically dispersed locations, one of which is removed from your network. Here, you can rest assured that at least one version of your backup is safe from a potential cyberattack.
- Regularly Restore From Backup. If your system is down because of a cyberattack, every minute you don’t restore your server can have severe impacts on your organization’s finances. Routinely restore from backups so that it is second nature when you need it.
Performing these simple tasks can greatly improve your enterprise’s preparedness for a potential cyberattack. “These cyber threats are coming after all of us,” said Rachel Wilson. “They don't discriminate, and that means all of us in 2022 (and 2023) need to be raising our game.”
Zerto Provides Assurance In The Event Of A Cyberattack
If you are relying on a backup system, you want to make sure you have one you can feel confident in. That is where HPE’s Zerto comes in.
Contrary to many cloud recovery systems, Zerto is software-based and not bound to a particular provider. In addition to being provider agnostic, Zerto offers strong protection against the growing concern of ransomware in the following ways:
- Cloud Mobility – When Zerto notices a change, they copy it, replicate it, and send it to the cloud space (whether that is private or personal). Most importantly, this does not interfere with production and is always on.
- Journal-style Updates – Rather than using a snapshot feature like many other backup services, Zerto checks every five to ten seconds. This means that if a cyberattack hits at 10:00:00, you can recover to 09:59:55 and lose seconds, instead of hours, of work.
- Stack Applications Into Groups – Virtual memory is not the only concern in a malicious event. Applications are also important. If there is a data set in the VM that supports an application, you can group them into a virtual protection group (VPG). This grouping allows you to recover the VMs back to the same point without compromising write-order fidelity. This allows you to test recovery without impacting your production environment.
There are steps enterprises and individuals can take to improve their security and come out the other side of cyberattacks strong. If you have more questions about how you can integrate HPE’s Zerto into your enterprise, contact WEI today.
Next Steps: WEI and HPE/Zerto recently welcomed Rachel Wilson for an exclusive IT security discussion. Rachel currently serves as the director of cybersecurity for Morgan Stanley Wealth Management and is a former NSA senior executive. Experts from WEI and HPE also provided data protection and disaster recovery options to help combat cyber threats to your organization, data, and self. Learn more by watching the full webcast below.