What you need to know about cyber threats in your data center

Cyber ​​threats are an unfortunate reality for data centers, which face many challenges in preventing breaches. The risk has been increasing in recent years, with more than 40% of respondents to a Carbonite survey reporting a significant rise in the threat of hackers, ransomware, and other malware.

Cybersecurity issues cause billions of dollars in losses worldwide each year, making cyberattacks a pressing issue for data centers. Small and medium-sized businesses (SMBs) are particularly vulnerable to cyberattacks because they often lack the security and resources to protect themselves. A survey by the Ponemon Institute found that 68% of SMBs feel "vulnerable" or "very vulnerable" to cyberattacks.

[[233137]]

Potential for data loss and downtime

The main threat of cyberattacks is data loss and downtime, which can lead to failure to meet recovery time objectives (RTO), difficulty in recovering data, and other privacy issues. Since even a few minutes of downtime can have a catastrophic impact on an enterprise, solutions to defend against and respond to cyber threats are critical to the stable operation of an enterprise.

The potential for data loss and downtime makes cybersecurity drills a necessity. Similar to ensuring firefighting protocols run smoothly during an actual fire, businesses should prepare for a cyberattack before it occurs. Businesses should participate in cybersecurity drills, as well as general monitoring and analysis, to ensure everything is in place for the best defense. An established breach response plan can effectively combat cyber threats by minimizing or avoiding damage altogether.

Downtime is costly, with even just one minute of downtime costing businesses more than $8,800 on average, resulting in lost functionality, lost productivity, and repairs. Downtime can also come from uninterruptible power supply (UPS) failures, human error, or demand failures, though cybersecurity incidents have increased 20% since 2010. The cost of downtime makes preparing for cyber threats a must for businesses of all sizes.

How to notify customers after a cyber attack

In addition to making all employees aware of the breach response plan, companies should also establish a protocol for notifying customers about cyber threats. The massive cyberattack on Equifax was a painful lesson in how the company did not take a proactive approach to informing its customers. After the cyberattack, the company's management was accused of not doing enough to notify customers immediately after learning of the breach. As a result, Equifax suffered a heavy loss in business and customer reputation.

The right balance of immediate action and customer transparency is the right way to inform customers about a cyberattack. Immediately upon learning of a cyberattack, a business should send a comprehensive email or phone call to customers informing them of the incident and the preventive measures they can take, including changing passwords and monitoring their credit history. Then reassure customers that the business is continually working to address and fix the problem, in addition to executing protocols to ensure such attacks don't happen again.

Transparency, quick action and smart PR statements go a long way in resolving issues at the customer level.

Be selective when choosing suppliers

An effective approach to selecting a supplier is to imagine the worst-case scenario. If a cyberattack occurs, how will the supplier you choose help? During the negotiation phase of the contract, ask the supplier to elaborate on its cyberattack policy and willingness to participate in company-wide prevention exercises. Some potential suppliers may be reluctant to participate in exercises or provide a rapid response. In this case, the company needs to consider working with other suppliers. The threat of a cyberattack is serious enough to be a deal breaker when selecting a supplier.

Look for vendors that offer comprehensive support. Ideally, they should offer secure content delivery services as well as DDoS attack protection, in addition to participating in disaster response drills. Selectivity is an important aspect of the vendor selection process, so set aside time to speak with candidates in detail, get their quotes, including contract amounts and the actions they intend to take, and record all relevant information in a spreadsheet. After meeting with potential vendors, weigh the pros and cons of each option, using offers and features as leverage in the negotiation process.

Hybrid backup strategy

Since not all data providers are able to participate in cybersecurity drills, many companies adopt a hybrid backup strategy to ensure safety if a cyberattack occurs. About 38% of IT professionals said they would use a combined on-site and off-site backup strategy. The usefulness of a hybrid backup approach is that it makes it difficult to perform both on-site and off-site backups because they use different security protocols.

The Internet of Things also affects the security of data centers, mainly because as the quantity and quality of resources and data grow, people increase the need for data center security. New IoT devices are common additions to APIs and other systems that perform data analysis, which lead to increased network usage and demand. According to one forecast, by 2020, the Internet of Things will generate approximately 44 terabytes of data, and the growth in data demand requires the deployment of cloud computing or hybrid data centers to ensure comprehensive security.

There are a variety of ways that businesses can approach cybersecurity drills. Such drills don’t always include a full-scale cyberattack. It’s not practical to conduct smaller-scale drills frequently. But it’s necessary to conduct full-scale drills from time to time, although training employees is an excellent way to gradually integrate them into the process. In addition, small and medium-sized businesses may lack the resources to conduct large-scale drills.

Attack simulation tests are useful for analyzing every aspect of the response protocol. Runbook tabletop exercises provide detailed written guidance for identifying, containing, eradicating, and recovering from a cyberattack and are also beneficial in ensuring that everyone knows their role in the event of a cyberattack. Tabletop exercises are useful on a smaller scale and are the basis for planning general exercises, but do not rely exclusively on them.

One useful function of cybersecurity drills is to ensure that backups are functioning properly. While most businesses realize they have backups, whether those backups are accessible and valid is an entirely different question. Additionally, some ransomware may wipe out your data backups, so even if you can defend against sophisticated cyberattacks, you still need to conduct drills to ensure they are protected and recoverable.

Cloud backup is often a problem for enterprises because most major cloud vendors only participate in disaster preparedness drills for large enterprises. In such cases, it is important to understand the extent to which the vendor plans to help. During the drill, assume that the vendor will not help at all. Other areas to pay attention to during the drill include DDoS attack resilience, data breaches, malware attacks and physical problems, such as problems with cooling systems, routers, servers or power infrastructure.

Therefore, it is vital that data center operators do everything they can to protect themselves from cyberattacks. By following these protocols, operators can put security measures in their favor so that data remains safe.