Almost all companies across all industries are regularly targeted by different types of cyberattacks. Countering them isn't just about prevention. You also need a strategy to make sure that a cyberattack won't affect your operations. Taoufik Touti, Technical Specialist and Quebec Storage Partner at IBM Canada, explains how IBM's cybersecurity and cyber resiliency strategies can help you manage virtual threats.
What types of companies are most likely to be hit with cyberattacks?
New attacks occur almost daily and they're happening everywhere. The costs are steep, with damages reaching up to $5 million or more. It can take days or even weeks to recover. All companies are at risk, but especially those in the financial and medical sectors because they have a lot of sensitive information to hack.
What different types of cyberattacks exist?
There are several types of attacks. For example, ransomware is where a cybercriminal breaks into a company's digital environment to encrypt its data and then demands a ransom in exchange for restoring normal operations. This is really common. There's also wiperware (malware), which are viruses that aim to erase company information.
Nearly three-quarters of organizations don’t have a consistent, enterprise-wide cybersecurity incident response plan. Why do you think that is?
Priorities and threats change over time. As it stands, it's really important to protect and defend data at the storage point. With risks increasing, we're seeing a change in the way business leaders think. They now realize that cyberattacks are inevitable and that you have to plan what to do "when" they happen, not "if" they happen. We help companies improve their cyber resilience before an incident occurs, so that they'll be prepared to keep threats at bay and recover quickly from attacks.
According to IBM, intelligent orchestration bolsters incident response by leveraging integrated technologies. How does that work?
Intelligent orchestration is all about automation. Recovering from a breach shouldn't take weeks. And yet, it takes organizations an average of 23 days to become functional again. At IBM, we help our clients recover within hours—sometimes minutes. Recognizing that a breach can cripple production and have severe consequences on a company's reputation, we created a highly effective intelligent solution. It's based on data immutability, which means the information can't be altered, as well as threat management and proactive monitoring. For example, IBM Cyber Vault provides an isolated, secure environment and protection against data corruption by creating copies of previously backed up data.
How do you establish a strategy for effectively responding to cyber threats?
The first step is developing a strategy that reflects the company's vision. The organization doesn't necessarily have to be an IBM customer in order to use our analysis services. Our Cyber Resilience Assessment Tool (CRAT) is used to investigate gaps in an organization's operational infrastructure. We start by having a conversation with the client and asking them to complete a questionnaire. Then we analyze their answers and come back with a presentation that explains what they're doing well and what areas need improvement. Importantly, we'll develop a strategy that includes preventive measures and post-attack responses. In addition, I recommend always keeping backups at the ready so that you can respond quickly.
What hardware and software do companies need?
Cyber resilience starts with the physical equipment, and then the architecture needs to be properly designed to support resiliency. When done right, the equipment is very efficient and better able to withstand attacks. We've also developed software that's suitable for small, medium and large enterprises. For example, IBM Safeguarded Copy creates backup copies of your data so that you can recover production line information that's been corrupted or destroyed.