Hackers and cybercriminals view COVID-19 as an opportunity.
Since the beginning of the pandemic, companies have seen a surge in hacking attempts, and the FBI’s Internet Crime Complaint Center (IC3) has received between 3,000 and 4,000 cybersecurity complaints each day, up from 1,000 daily complaints before COVID-19.
While your organization may have safeguards and protections in place to keep your data out of the hands of bad actors, that’s not enough. You also need a way to recover your data if it’s compromised during a cyberattack. And unfortunately, your traditional disaster recovery (DR) plan won’t work for this unique recovery case.
Using your traditional DR plan to recover compromised data following a successful cyberattack is like throwing water on a grease fire – it might be your first instinct, but it can make the situation worse.
Traditional DR plans concentrate on physical infrastructure that’s not usually impacted by a cyberattack, thus making it an entirely different “recovery case” than data recovery.
Data recovery differs from DR in four areas:
Because it’s such a different situation than DR, recovering data after a successful cyberattack demands a different approach.
Each data recovery scenario is unique to the company, the data and the attack. Before reacting, you need to understand what happened to determine the best way to proceed. You also need a plan in place before you’re hit with a cyberattack so you have recovery options available.
Determine your vital data assets and keep them safe using a 3-2-1-1 protect and recovery architecture: three areas of resource separation, two defined recovery strategies (DR and data recovery), one off-network or immutable data copy, and one secured recovery environment.
Establish a multi-faceted team to direct your cyber-compromised data recovery and, to ensure they’re ready to respond quickly and effectively, consistently test your plan for various scenarios.
Recovering data after a successful cyberattack is different than the typical DR process, but with the right preparations, successful data recovery shouldn’t be a problem. If you plan for the differences, implement the right strategies and regularly test your plan, you’ll be better prepared to recover compromised data, rather than just making things worse.