By James A. Martin
Thus far, 2019 has been anything but dull, with a protracted government shutdown, Antarctic temperatures in the Midwest, and the continuing uncertainty surrounding Brexit.
In other words: This year is shaping up to be as turbulent as 2018. And more extreme weather is expected, too. The National Oceanic and Atmospheric Administration (NOAA) predicts 2019 may be the hottest year in recorded history. Last year, there were 14 billion-dollar weather and climate disasters across the U.S., as NOAA reports:
Just in: USA saw 14 #BillionDollarDisasters in 2018, which were responsible for at least 247 deaths & ~$91B in losses --- the 4th costliest year on record: @NOAANCEIclimate https://t.co/5sG3WYpmU2 #StateOfClimate pic.twitter.com/lNnrT0MDR4— NOAA (@NOAA) February 6, 2019
Given these uncertain times, what do business and tech leaders need to know to ensure their organizations are as resilient as possible? Sungard AS’ thought leaders answer questions about 2018 trends in disaster recovery and business resilience and what we might expect throughout 2019.
Q: What were the most frequent reasons recovery services were invoked in 2018?
“For the most part, the most frequently cited reasons for invoking recovery services in 2018 were natural disasters, political unrest, terrorist activities and unforeseen outages from service providers, such as network providers,” says Kaushik Ray, Senior Vice President of Global Client Service Management.
While power, hardware, and communications outages aren’t as headline-worthy as cyber or terrorist attacks, they were three to four times more likely to cause an invocation of recovery services in the U.K. and Europe in 2018, according to Tom Holloway, Principal Consultant, Business Resilience, who expects the trend to continue this year.
“The reasons for invoking recovery services continue to be largely a result of natural disasters, hardware failures and power outages,” adds Joseph George, Vice President of Product Management, Global Recovery Services. “In 2018, there were more declarations due to cyberattacks and ransomware than the previous year, and we expect that to continue to increase in 2019.”
Q: Were there other recovery- or resilience-related trends from 2018 you expect to see in 2019?
More companies are leveraging public cloud services to help them become more resilient, says Bob Peterson, CTO Architect. “Public cloud services enable companies to start building solutions that are multi-region-capable or that give them access to other quick recovery solutions. Even if a solution isn’t fully deployed as an active-active environment, companies can start using Infrastructure-as-Code-based concepts to quickly spin up a recovery infrastructure in another location. Data replication then becomes the biggest challenge.”
One thing to remember is that with the public cloud, your needs for backup of data and system and application recovery don’t go away. “You still need to make sure you’re planning for and implementing solutions to address your resilience needs in the public cloud,” George notes.
Q: How will security threats evolve in 2019?
“The largest target will continue to be banking and credit cards,” predicts Mitch Kavalsky, Director of Security Governance and Risk. “Any avenue to get to this information will continue to be at risk of compromise.”
The weaponization of personal data will be a recurring threat in 2019, says Holloway. “The advent of the General Data Protection Regulation (GDPR) in 2018 has exponentially increased the stakes of data loss, both accidental and criminal. In addition, malware will continue to challenge organizations’ defenses as the hackers' arms race continues unhindered.”
A recurring theme at the 2018 RSA Conference was that, despite the tremendous efforts of many, “organizations keep failing at cybersecurity, even those with fairly robust security teams,” says Peterson.
“The push to the cloud is going to continue to change a company’s risk profiles,” Peterson continues. “As we move more data beyond our perimeters, we’ll start seeing an increase of attacks that will be harder to detect. We can’t monitor for malicious activity in the context of our business and our network perimeter when the data is outside our control. We have to rely on providers to help, or to find ways to build in the monitoring capabilities.”
Concepts such as the cloud, serverless computing and containers are ideal in terms of the ability to easily scale, Peterson adds. “But they introduce a huge problem with troubleshooting, logging and forensics. You have services that used to be tightly controlled that are now spread out across different discrete services. The cloud vendors have introduced so many different services that are within easy reach of end users. Many people start using the tools without understanding the risks and what they need to do to protect their information.”
The growing use of Kubernetes and serverless computing led to security issues in late 2018, adds Todd Loeppke, Team Lead, CTO Architect. For example, ZDNet reported in December that “Kubernetes’ first major security hole (was) discovered.”
As a result, organizations should dedicate more resources this year to address security challenges associated with containers and serverless computing environments, Loeppke advises.
Ransomware and other malware will continue to evolve in 2019, Ray believes. “Not only do you need to have robust Intrusion Prevention Services (IPS), but you also need to have Intrusion Detection Services (IDS) along with forensic analysis capabilities. This will ensure that you can detect if malware or ransomware has already penetrated the IPS and, if so, determine when it happened, what might have been breached and how to contain it.”
Q: What’s the most impactful thing businesses can do to prepare for and react to disasters in 2019?
Develop and test a disaster recovery plan. Doing so will allow you to be resilient in the event of any disaster, says Sue Clark, Senior CTO Architect. “If the plan is set up correctly, it allows all of your employees to continue working from remote locations, but with full access to their data.”
Run a crisis management scenario exercise to determine whether your existing plans and leadership team are up to the task, Holloway says. “If they are, then confidence has been increased,” he says. “And if they aren’t, you can take the necessary measures to correct the situation before something happens.”
Build all new applications and services to be resilient across multiple locations, Loeppke advises. “That way, recovering from a disaster is mostly focused on malware or data corruption events and not environmental or natural disasters.”
Perform a Business Impact Assessment (BIA). A thoroughly implemented BIA will tell you what your critical business systems are, what kind of downtime your organization can withstand, what types of disasters are most applicable or significant, and more, says Ray.
“Based on the results of your BIA, IT can start working on a plan to remediate the gaps that might exist in your disaster readiness posture, including but not limited to deploying new solutions that will protect you against data loss and give you the necessary speed of recovery to meet the business’s Recovery Point Objective (RPO) and Recovery Time Objective (RTO) needs,” Ray explains.
“The key is to make sure you understand what level of risk you’re willing to accept and what level of risk you currently have, and if there’s a gap between the two,” says George. “If there is a gap, that’s where you need to invest. You need to make sure you’re taking a multi-tier approach, too, considering both physical threats and natural disasters, as well as planning for outages from cyberattacks. Your focus should be on optimizing your disaster recovery spend—and knowing that any risks you take are ones you’re comfortable taking.”
James A. Martin has written about security and other technology topics for CIO, CSO, Computerworld, PC World, and others.