IT Brief India - Technology news for CIOs & IT decision-makers
Story image
The imperative to go beyond backup, by focusing on cyber resilience & AI
Thu, 28th Mar 2024

This World Backup Day, it is important to recognise the role that data backups and recovery play as the core components of both cyber resilience and a robust IT strategy. Data is not just a business asset that sits in some far-flung technology system or software application, it’s the backbone of modern business, innovation, government services delivery, and even consumer decision-making,  

It is vital that organisations have a backup data strategy that enables them to aggressively recover their data to a predefined point in time (RPO) and within a predefined recover period (RTO) – and the ability to do this is foundational to establishing or maintaining cyber resilience, which is the ability to generate business outcomes or maintain usual processes despite suffering an adverse cyber event.

Cyber threats are evolving with alarming sophistication and frequency, making it more difficult for organisations to be confident they can respond to a breach or cyberattack. Our recent data research found 8 in 10 respondents (split 50:50 between IT & Security) had suffered a ransomware attack between June and December 2023, and over 7 in 10 felt the threat of ransomware to their industry would increase in 2024 by over 50%. 

Effective cyber resilience, where the business can recover core business processes from their backup data, allows an organisation to maintain business continuity in the aftermath of an incident, mitigating the operational, financial, and reputational damage that a successful attack or data breach can cause. A well-architected backup and data recovery strategy is therefore not just a technical necessity, it's a strategic asset and provides a competitive advantage.

Maintaining cyber resilience is not the sole responsibility of the Security team or the IT Infrastructure team. It's a joint effort that requires coordination between IT, InfoSec, and the business functions of the entire organization. From the executive leadership understanding and advocating for the importance of backups to IT and Security teams, enabling aggressive recovery to the business, prioritising the requirements and risks to the business.

The cost of being unprepared can destroy organisations, with organisations who fail to establish cyber resilience and who have poor backup or data recovery processes, practices, and solutions, putting their viability into contention. This is because of the impact successful attacks can have in eroding customer trust, market share, and revenue generation. However, this is easier said than done, as no respondent to our recent data security and cyber resilience survey said they could recover data and restore business processes within 24 hours and only 42% of respondents could recover within 1-6 days. 

Moreover, World Backup Day is a perfect ‘call to action’ for organisations to assess and analyse cyber resilience capabilities. Just 12% of respondents said their company had stress-tested its data security, data management, and data recovery processes or solutions in the six months prior to being surveyed, and 46% had not tested their processes or solutions in over a year or at all.

Importance of cyber resilience in an AI-powered threat landscape

Private and public organisations firmly operate in a world where cyberattacks are a “when” and not “if” reality, which means being able to protect and secure data, detect cyber threats and attacks, and respond with automated data recovery processes is vital. However, with the rapid adoption and application of AI, cyber threats and data security challenges are only getting more difficult and sophisticated to address.

The increased availability and useability of AI and machine learning (ML), through large language models (LLMs) such as ChatGPT, has significantly lowered the barriers to entry for cybercriminals looking to create larger scale or more sophisticated cyberattacks, by reducing the amount of technical nous or resources previously required. 

Two examples of LLM-based cybercrime tools include WormGPT and FraudGPT, which have been advertised on dark web forums for as little as US$600. These AI-based tools can be used to produce malicious code at speed and for sophisticated phishing attacks such as business email compromise, where leaders responsible for financial decisions or sensitive data are often impersonated. 

How organisations can establish and maintain cyber resilience with AI and ML capabilities

Organisations benefit immensely from utilising the latest data security, management, and recovery technology that is increasingly being enhanced by the integration of AI and ML. AI-powered and modern data security & management capabilities that improve cyber resilience include:

  • Immutable backup snapshots: Cybercriminals’ increasing sophistication has made backups a prime target for attackers. Unlike traditional systems, where backups can be updated or deleted, these unmodifiable backup snapshots offer a secure data copy for recovery, forensics, compliance, and data integrity. 
  • AI-enabled multifactor access (MFA): MFA provides an additional layer of security that helps to ensure only authorised users gain access to sensitive information. Integrating AI into MFA extends the capability to include authentication that adapts based on data risk levels and fraud detection mechanisms that automatically block users if their access behaviour deviates from normal patterns.
  • AI retirement of inactive data: AI can help organisations determine what data has become dormant and can be archived. This helps reduce recovery time by eliminating the unnecessary recovery of unused data as well as creating efficiency and cost reduction in data storage.
  • AI & ML powered anomaly detection: AI & ML anomaly detection alerts IT teams to unplanned and abnormal changes in the size or format of data, which is usually an early indication of malicious activity. 

This World Backup Day should be a catalyst for organisations, public and private, to consider their current state of cyber resilience, data security capabilities, and their data backup processes, practices and technology. Data backups are no longer enough on their own. Organisations must have the ability to ensure the integrity and security of their data, with an organisational-wide commitment to cybersecurity to underpin business continuity. The good news is that with AI & ML-powered data security and recovery capabilities, organisations can better fight fire with fire.