Sergei Serdyuk, VP of Product Management at NAKIVO, believes that today’s escalating cyber risks demand advanced, multi-layered strategies for true resilience, as he explains.
It is no secret that the increasing sophistication of cyber attacks has resulted in a rise of potential threats to data centres’ digital assets, with the level of strategic planning required to ensure comprehensive and resilient data protection becoming ever-more complex.
Successfully implementing the number of data protection tactics and procedures necessary by today’s standards requires not only a thorough understanding and consideration of all of the potential attack vectors, but also a multi-layered, proactive approach by data centre operators.
Missing even one key step could leave the business vulnerable to data breaches and ransomware attacks, empowering threat actors with the ability to extort sensitive information.
With data now dispersed across various endpoints, including on-premises, in the cloud, and at the edge, it is critical that advanced data protection strategies are made a priority, ensuring data centre organisations are as prepared as possible for any eventuality of data breach or loss.
Cybersecurity challenges facing data centres
When it comes to the most significant cybersecurity risks for data centres, ransomware comes on top, with attacks targeting not just operational data but also backup systems. This attack method involves encrypting essential data and disrupting operations until a ransom is paid, leading to significant business losses, prolonged downtime, and potential reputational harm.
The possibility of insider threats is also an issue that should be considered, as unauthorised staff or contractors can potentially leak data or interfere with data centre operations.
Finally, we can’t ignore supply chain attacks and advanced persistent threats that go undetected and inflict significant damage over long periods.
Mitigating the attack surface
In response to the changing cyber threat landscape, organisations should ensure they evolve their cybersecurity strategy to become more proactive and adaptive, with regular backups at its core. Backups must be encrypted and immutable both on-premises and in the cloud to prevent ransomware threats, with malware scanning to identify and neutralise any potential infections before data recovery.
It is also vital to increase employee training and awareness programmes to ensure staff can recognise and respond to threats early on. Regular security audits and penetration testing should also be integral to the strategy.
Additionally, adopting a zero-trust architecture ensures that no device or user is trusted by default.
Addressing unique security challenges
At the core of an organisation’s operations should be a data protection solution that provides a comprehensive set of features and tools to help address security challenges in hybrid/multi-cloud and edge environments. Ideally, its capabilities should include: a centralised interface for backup management across diverse virtual, physical, cloud, SaaS, NAS and mixed environments, with immutability in local and cloud storage repositories to prevent modification and deletion.
Encryption, which is a powerful tool that effectively conceals data by modifying it to look like random data, can be utilised at the source, in flight and at rest to protect data from theft and breaches.
Utilising access control tools like RBAC (Role-Based Access Control – which involves setting permissions and privileges to enable access to authorised users), and 2FA (two-factor authentication – requiring two forms of authentication to access resources) for more granular control backup data access, is a valuable additional practice to build resilience into the data protection strategy.
Maintaining granular backup policies will aid in ensuring security and compliance requirements are met, such as retention periods, flexible backup frequency and point-in-time recoveries. Employing advanced automation tools to automate backup and recovery processes across both on-premises and cloud-based environments, followed by continuous VM monitoring to identify potential issues and quickly detect suspicious activity in real time – are both robust elements of a successful strategy.
Finally, organisations should carefully consider the potential security issues associated with AI and implement appropriate safeguards to protect against them. The combined arsenal of malicious AI tools, novel attack tactics, and as-a-service cybercrime models are changing the threat landscape forever. Defending against AI-driven threats requires a comprehensive approach that incorporates advanced technologies, robust policies, and continuous monitoring. Preventative measures should include: the use of AI and ML security tools, regular vulnerability assessments, AI deepfake detection tools, robust email and communication security capable of accurately detecting and blocking phishing emails, spam, and malicious attachments, as well as regular security training and the education of employees on the latest AI threats.
Investment in cybersecurity skills development
While ensuring the data protection strategy is as watertight as possible is of course crucial, if organisations’ processes and staff procedures are not keeping pace with the cyber threat landscape, and are not fully tested and aligned to that strategy, the data centre will still be at risk.
Data centre businesses must ensure its employees are well informed about all forms of risk in order to implement measures to prevent overwhelming cyberattacks. Emphasis should also be placed in ensuring technological competency and skills training in staff so they are able to counter specific challenges. It is vital that investment be made in advanced cybersecurity training and development for creating an adaptable and more resilient workforce. It’s no longer enough to rely solely on traditional security skill sets and knowledge. A dual approach is the best way to tackle this. Firstly, internally, with ongoing upskilling programmes focusing on cloud security, cybersecurity awareness, threat analysis and zero-trust architectures. Secondly, externally, with the active search and acquisition of talents with expertise in areas such as penetration testing, threat detection, incident response and others.
Additionally, fostering a culture of security awareness ensures that all employees, not just the IT team, are vigilant and proactive in protecting business assets.
Finally, all of the steps implemented should be regularly tested, evaluated and updated where necessary to ensure all procedures are robust enough to handle any incidents or potential attacks on the part of threat actors. With these proactive measures in place, businesses can substantially increase data protection resilience and get out ahead of the game.
