Cyber security threats are becoming more prolific to the extent they have been woven into an organization’s risk assessment plans. For many it’s no longer a matter of “if” but when.

Businesses and government organizations aren’t taking this lying down. According to recent estimates, global spending on cyber security solutions and services will reach $219 billion this year as more and more organizations look to achieve a state of cyber resilience, which means establishing a level of preparedness for cyberattacks and being able to respond accordingly.

However, despite the enormous investment in cyber security there is a growing disparity between cyber resiliency and disaster recovery and backup. This can lead to big problems in the event of a data breach or ransomware attack. Very often organizations find themselves without an adequate recovery plan, facing the prospect of days, even weeks, of downtime while they restore lost and corrupted data. This defeats the idea of cyber resilience altogether, and calls into question the investment in cyber security tools when the organization hasn’t factored in what happens in the aftermath of an attack. An organization’s ability to bounce back from an attack is just as important as its ability to repel an attack in the first place.

The divergence of cyber and DR

Despite the obvious connection between cyber security and DR, the two have diverged in recent times with organizations placing more emphasis on cyber defenses. While organizations have understandably updated their cyber defenses and protocols, they haven’t synced them with their DR and backup plans. It’s become a bit of a blind spot, literally, especially if they’re reliant on third-party solutions to recover data that sits in the public cloud. The more disparate the data – scattered across on premises, public and hybrid cloud environments – the harder it is to recover. The last thing the board wants to hear, while the company is still reeling from an attack, is that remediation will take longer than expected and business operations will be disrupted in the meantime. It’s a risk that businesses simply cannot afford to take.

DR has traditionally been seen as a response to natural disasters, such as floods or fires, or power outages, anything and everything which will compromise operations to company data centers or on premises solutions. Cyber threats are no different and the more dependent organizations become on data and public cloud infrastructures, the more intrinsic DR and backup will become to achieving a fundamental level of cyber resilience.

Immutable backup

Traditionally, large enterprises and medium-sized organizations used to manage the DR and backup function in-house, using their own servers and data centers. As more data and systems came online, it became a costly and time-consuming process, compounded by the migration to hybrid cloud infrastructures and the growing dependence on cloud and SaaS platforms to support specific functions and remote working. The sheer scale of the cloud can make organizations more vulnerable to attacks, but it also requires a backup solution that can scale to meet the size and scope of an organization’s digital footprint, which can accommodate critical data and assets. The answer today lies in having a third-party immutable backup in place an organization can fall back on in the case of an emergency.

These flexible and scalable solutions act as a second site where you can replicate and restore all your critical infrastructure to prevent any disruption or downtime to business operations. It’s more advantageous to have a fully managed solution in place which allows you to archive and recover data across on prem, public and hybrid cloud environments. Not only will this secure off-site location help to keep operations running and ensure business continuity, but it’s also managed by a team of professionals around the clock, giving you the time you need to diagnose the attack and the extent of damage it’s caused, and what needs to be done to resolve the situation. Safe in the knowledge operations are still up and running.

Closing the DR and cyber gap

DR and backup solutions have evolved with the times to ensure organizations’ have the capabilities to fall back on immutable backups the moment data and systems are compromised by a cyberattack. They are compatible with the full range of cloud infrastructures typically used by organizations today and they can be up and running within minutes rather than having to wait hours or even days to resume normal operations. They’re also cloud-based and can be quickly integrated into corporate cyber security and DR strategies to boost cyber resilience and deliver a more holistic approach to prevention and recovery. CIOs, CTOs and CISOs can finally connect the dots between cyber resilience and disaster recovery, consolidate resources, and drive cost efficiencies. With ransomware attacks so prevalent now and pressures from management to shore up defenses, it’s not surprising many organizations fail to see the link between cyber security and DR. Fortunately, with resources spread too thinly across cloud and on prem, organizations are beginning to realize they need immutable backups which allow them to recover data the moment they’re compromised.


Brian Dutton

Brian Dutton is the director, us sales and client services at Assured Data Protection. Dutton previously worked with U.S. directors at DS3 DataVaulting, where he supported channel relationships and helped grow the business. He has since been consulting for colocation providers in Ashburn, Va., and joined the Assured Data Protection team in July 2018.

The State of Disaster Recovery Preparedness 2024
Disaster Recovery Preparedness Is Evolving Many businesses understand the need for disaster recovery capabilities, but adoption and implementation of various...
Moving Your Company’s IT Forward as a Chief Information Officer
Subscribe to the Business Resilience DECODED podcast – from DRJ and Asfalis Advisors – on your favorite podcast app. New...
What 2022 Data Center Trends Mean for Business Continuity Specialists
The data center industry is in a continual state of evolution, but one factor remains constant: the need to ensure...
In Disaster Recovery, Resiliency is Everything
Cloud computing has changed the way businesses work, and legacy Disaster Recovery-as-a-Service (DRaaS) solutions aren’t up to the task of...