Cyberattacks Underscore the Need for Network and Data Protection

Disaster recovery plans aren’t sufficient to protect cloud-based data against ransomware and malware attacks. Robust cyber recovery programs are required.


Be prepared for cyberattacks. Though not new, that message was critically clear in May 2021—a month that provided a good reminder of the need for cyber recovery (CR) plans. Ransomware attacks on Colonial Pipeline and meat producer JBS, and the spear phishing hack of USAID all made headlines—along with significant disruptions to infrastructure. The month also saw noteworthy strides to protect against such attacks. The White House issued an executive order on improving the nation’s cybersecurity, which highlighted that “organizations cannot wait until they are compromised to figure out how to respond to an attack.”

This year, ransomware damage is estimated to cost $20 billion, nearly 60 times more than was the case in 2015. In the event of a ransomware attack, paying the ransom (as Colonial Pipeline did, to the tune of $4.4 million) isn’t a guarantee that access to the data will be restored quickly—or at all. Backup environments can be attacked or corrupted, as well.

Today, disaster recovery (DR) plans aren’t sufficient to protect cloud-based data against ransomware and malware attacks. Robust cyber recovery programs are required.

Cyber Recovery: Beyond Disaster Recovery

Traditional disaster recovery planning is an important way to restore business operations in the aftermath of natural disasters (such as floods and power outages) or even terrorism. In these cases, the impact of the disaster is typically contained to a particular region.

Cyberattacks are more difficult to contain; they can spread quickly through data and systems, disrupting global operations. Cyber recovery plans don’t replace DR, but build upon them to guard against various types of targeted cyber attacks, considering all possible cyber actors and attack vectors.

Addressing a hole in most DR plans, CR protects data and workloads that are mission-critical, whether that data is located in the cloud or on-prem. A CR plan stores a clean copy of your most important workloads and data in a physically, logically isolated data vault. This protected copy of data can be relied on in the event that a ransomware or malware attack locks the other backup copies. Placing this data in a secure environment also allows you to run forensics and analytics (including the identification of compromised files and malware) and to launch recovery processes. 

Protect Your Data with Cyber Resilience

To get started with a cyber recovery program or to improve current CR plans, carefully review your needs. Begin by evaluating which data and workloads (cloud-based or on-premises) should be protected in a second location via an air-gapped cyber recovery vault. The vault isolates your most important data, protecting it from cyberattacks and validating the integrity of your data.

Next, identify your backup and recovery needs, such as whether you’ll recover to an on-prem environment or to public cloud(s). Replicating vault data back to an on-prem environment is a viable, but time-intensive, option that may prolong downtime. A faster option is to enable the vault for recovery to a multi-cloud environment. Multi-cloud recovery provides nearly unlimited resources, facilitating immediate restoration and providing the option to run applications in cost-effective, high-performance configurations across AWS, Azure, Google Cloud, or other public clouds.

As you develop your CR plans, consider any existing relationships with storage providers that may support and streamline your CR efforts. For example, Dell customers may choose to rely on Dell’s CyberSense, which helps detect signs of corruption due to ransomware. 

Your cyber resilience can also be strengthened by relying on recognized best practices for cybersecurity. The NIST Cybersecurity Framework aids this process, providing useful guidelines for how businesses can 1.) identify all data, equipment, and software; 2.) protect it; 3.) detect risks; 4.) respond to an attack; and 5.) recover after an attack. 

Ransomware and malware attacks are a part of today’s business reality, but proper cyber recovery planning can shield you from catastrophe. Protecting your data in the cloud can provide resilience—for your data, your organization, and your reputation.


Rebekah Dumouchelle is the head of content and product marketing at Faction. Prior to joining Faction, she worked as a developer and product manager at Computer Sciences Corporation, and product marketing for Embarcadero Technologies. She holds undergraduate degrees in computer science and business management as well as an M.B.A.