Cybersecurity Resiliency: Backup and Protection

Solid cybersecurity is a must for any organization. In July, President Biden issued a directive instructing federal agencies to create voluntary cybersecurity goals for companies that operate crucial U.S. infrastructure. The effort is the latest by the administration attempting to bolster the nation’s defenses against disruptive cyberattacks, an area the president and his senior aides repeatedly have said is a top national security threat, especially after several recent high-profile ransomware attacks disrupted cornerstones of American life and business.

FRA has partnered with Silent Quadrant, a digital protection agency and consulting practice, on a four-part special blog series on digital protection for the wood supply chain. The series relates the following principles to the industry: Visibility & Control, Vulnerability & Protection, Backup & Patching, and Incident Response & Training.

Silent Quadrant, in conjunction with FRA, has developed a short survey to learn about the importance of cybersecurity for organizations and associations like the one you represent. Your feedback will assist us in providing important information to our members on protecting against cyber threats.

This survey should take no more than 5 minutes to complete, and we appreciate your help! Please CLICK HERE to complete the confidential survey by Friday, September 3.

Cybersecurity Resiliency: Backup and Protection

Whether as a result of a cyber-attack or an accident, managing the risks around potential data loss – both organization and customer data – should be a primary business objective, aligned with a broader cybersecurity and business continuity strategy. Loss of data can impact an organization for days, weeks, months, or even longer. Diversified data backups serve as your primary risk management resource against data loss, whatever the cause.

Data loss can occur from:

  • Accidental damage, deletion, or modification of data
  • Hardware failure
  • Local disasters
  • Lost or stolen devices
  • Modification, deletion, or corruption of files by malware or malicious code
  • A ransomware attack requiring a large payment before files are unlocked

Your data, information, programs, and processes are the foundation of your organization and business – if you lose them, or access to them, recovery can be slow, costly, or in many cases, impossible. And in the case of critical infrastructure/critical industries, data that is held hostage in a ransomware attack, and therefore unavailable, may severely impact the lives of the public at large.

Visibility and identification are the first steps in designing a data backup strategy – what information should be backed up and how frequently. Prioritize critical and/or high-value data, which should ideally be backed up more frequently than non-critical data. It is important to take a strategic view of all data being generated across all applications in use within your organization to ensure completeness.

Data such as financial records, customer information, HR and internal information, research, proposals, and any other critical information that you cannot afford to be without should be designated and prioritized as critical/high-value. Additionally, network and systems configuration information, policy and process documents, application license information, and any applications that cannot be quickly accessed and restored from a cloud service should be included as well.

Bottom Line: If losing the data will interfere with doing business and serving your customers and stakeholders, it needs to be backed up.

Backups should occur on a regular cadence. The more critical the data is, the more often it should be backed up. Automation is key to ensuring that backups occur either after edits are made to the data – depending on the criticality – or at regularly scheduled intervals. Data designated as critical/high-value should be backed up at least daily, if not several times per day.

When implementing your backup strategy, ensure that you are creating, at a minimum, three copies of your data:

  • All copies should be encrypted.
  • Two copies should be nearline and immutable: relatively easy to access for recovery and business continuity purposes, and neither copy can be altered once the backup has been written to a storage medium.
  • One copy should be stored completely offline, not accessible via the Internet.

Once your backup strategy has been implemented, ensure that a once-monthly recovery test process is established; this provides regular validation of data integrity, as well as rapid access to and restoration of data. Your backup strategy should be documented and made available to your organization’s incident response team.

As a key element of your organization’s business continuity processes and planning, a sound data backup strategy is the single best proactive defense against systems failure, data mishap, and system compromise / ransomware attack.