• About
  • Subscribe
  • Contact
Thursday, May 8, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology

Over-rotating cybersecurity leaves gaps in DR plans

Dave Russell by Dave Russell
December 2, 2021
Photo by Andrea Piacquadio from Pexels

Photo by Andrea Piacquadio from Pexels

Since the beginning of the pandemic, IT departments have sharpened their collective focus on cybersecurity. They’ve doubled down on protective measures to stop hackers from stealing data and launching record numbers of ransomware attacks. In the process, many may have taken their eyes off other threats that can cause just as much damage as a cyberattack.

Human error remains the most common cause of data loss. Studies show that corporations lose nearly five times the amount of data through accidental deletions and overwrites as they do from malicious incidents. Accidental configuration, application and user administration errors also can crash systems, delete data and cause costly outages.

Natural disasters are a growing problem. According to the recent UN Asia-Pacific Disaster Report 2021, these have been exacerbated by the persistent threat of COVID-19 which has merged with natural hazards, made worse by climate change, to reshape and expand the disaster “riskscape” in Asia and the Pacific. The UN study also called for a “paradigm shift” from managing disasters to investing in prevention and the building of resilience.

While increased attention to cyberattacks is warranted, organizations need to reprioritize their disaster recovery (DR) strategies to meet the real threat landscape we see today. They need to invest in employee training, automate functions in the DR process, and make sure DR plans and processes are ready to handle sudden, unforeseen incidents that threaten their business continuity.

APAC faces critical data recovery challenge

If they don’t, their operations will suffer. According to one study, 94% of companies globally that experienced a catastrophic data loss don’t survive; 43% never reopen and 51% shut down within two years. Those that do stay in business lose $84,650 per hour in lost revenue and productivity, according to Veeam’s 2021 Data Protection Report.

The report also dived into the views of more than 1,715 Asia Pacific organizations to understand how they approached data protection. Asia Pacific businesses reported that 56% of their data could not be recovered because of failed backup and recovery operations.

Can businesses truly afford to only recover half of their critical data in the event of downtime? While 82% of all organizations in the region recognized that they have an “Availability Gap” between how fast they can recover applications versus how fast they need applications to be recovered.

This must change, and employee training is a good place to start. Any organization that didn’t implement a new round of cybersecurity training for workers during the pandemic should make this a top priority. This should include usual best practices ranging from following incident notification procedures to selecting strong passwords to avoid phishing scams.

But training should extend to IT operators, as well. Configuration errors can be reduced by following a series of best practices. These include creating a single configuration source, providing an easy way to track configuration changes, and using DNS Service Names for all services.

Because there’s no way to test every conceivable condition, application errors will occur. But reviewing and upgrading testing procedures regularly can lead to improved performance and reduce the number of careless errors in everyday practice.

Priority to automate and streamline DR

Automation should be a top priority coming out of the pandemic. Not only does it reduce human errors in everyday processes – it gives staff more time to perform more strategic, higher-level tasks. This is just as true for IT as it is for those in the office.

Organizations increased their investments in automation technologies over the past two years, and they should continue to do so – to enhance productivity and provide higher levels of security.

Automating the disaster recovery process can save time and improve overall response. Today’s applications and data sets are larger and more complex, distributed, and interdependent than ever. This renders the successful recovery of even a single application — not to mention entire sites — incredibly difficult, making orchestration of recovery processes an indispensable tool.

Given the high stakes, now is a good time for organizations to look more closely at their DR plans and procedures to make sure they’re ready to implement in a quick fashion. Here are some tips to follow:

  • Check the specifics: Having a plan that’s up to date and validated for a corporation’s specific business needs is critical. Needs have probably shifted since the pandemic started. If you haven’t revisited your plan in more than a year, it should be a top priority. 
  • Review your documentation: Having easy-to-follow, comprehensive documents available during system restores can save time and avoid stress. These are time intensive to create and they should be continually reviewed – preferably by the people who’ll have to use the documents when it’s time to dust them off.  
  • Update identity accesses: With changes in service consumption, gaps have likely developed from an identity confirmation standpoint. Make sure the right people are authorized to perform critical system functions during that time-sensitive period when systems are down.
  • Rethink DR/resilience plans: With increased usage of external devices, organizations should rationalize their plans to incorporate end-to-end protection, from the workforce to the endpoint.  
  • Ramp up testing: Test each application individually to make sure you’re meeting your key metrics – mainly the recovery time objective (RTO) and recovery point objective (RPO).

Conclusion

Cyberattacks are on the rise, and organizations need to devote significant amounts of attention to protect against them. But disasters come in different forms. To ensure they’re protected once one hits, IT departments should make sure their recovery plans and procedures are in place. Their businesses depend on it.

Related:  Why data protection needs an urgent rethink
Tags: data protectiondisaster recoveryphishingrecovery point objectiverecovery time objectiveVeeam
Dave Russell

Dave Russell

A 30-year veteran in the storage industry, Dave Russell is Vice President of Enterprise Strategy at Veeam, responsible for driving strategic product and go-to-market programs, spearheading industry engagement and evangelizing Veeam’s vision for the Cloud Data Management at key events across the globe and working with the Executive Leadership team in accelerating the company’s growth in the enterprise. Prior to Veeam, Russell held the role of Vice President and Distinguished Analyst at Gartner. His research focus at Gartner was on storage strategies and technologies, with an emphasis on backup/recovery, snapshot and replication, software-defined storage (SDS) and storage management. He was the lead author of the Magic Quadrant for Data Center Backup & Recovery Solutions from 2006 to 2018. Prior to joining Gartner, Russell spent 15 years at IBM in storage product development as a Software Engineer in mainframe backup/recovery and as a manager of product development, architecture and strategy teams for distributed systems backup/recovery and storage solutions.

No Result
View All Result

Recent Posts

  • Agentic AI-powered AppSec platform launched for the AI era
  • IDC forecasts GenAI alone will grow at a 59.2% CAGR
  • Dataiku brings new AI capabilities to create and control AI agents
  • Microsoft reveals the rise of a new kind of organisation in the AI era
  • St Luke’s ElderCare enhances data security and user experience with Juniper

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe