Business disruption is inevitable today. And increasingly it’s down to cyber incidents. Attacks caused $10.3bn in losses last year, in cases reported to the FBI alone. Even this figure is likely to be just the tip of the iceberg. With so much at stake, organizations need to look at ways to minimize the downtime that can result in serious financial and reputational damage.
This is where business continuity planning (BCP) comes in. Where cyber risk is concerned, organizations looking to minimize disruption would be wise to consider data-centric security as part of a multi-pronged strategy.
Business continuity is defined by the UK’s Business Continuity Institute as: “The capability of an organization to continue the delivery of products or services at pre-defined acceptable levels following a disruptive incident.”
An incident could be anything from a flood to a utilities outage that takes out a datacenter. It could also be a supply chain failure, many of which occurred during the pandemic. But increasingly it’s the result of a serious cyber-attack. These also vary in type, from a ransomware compromise that can lock down files until a fee is paid, to a distributed denial of service (DDoS) attack that might make online infrastructure unavailable for a period.
Increasingly, such attacks are focused on data theft—whether they’re the work of a nation state, hacktivist group or financially motivated cyber-criminals. Ransomware has become a leading cause of such incidents, driven by cybercrime. In fact, a quarter (24%) of data breach incidents investigated by Verizon over the past year were traced back to ransomware.
Organizations must focus on BCP in this context not only to minimize financial and reputational damage, but also to ensure compliance with transnational regulatory mandates. The EU’s NIS 2 will force operators of essential services in various sectors to ensure continuity of operations in the event of a serious attack. They will need a verifiable incident response plan to ensure rapid recovery.
A BCP should cover the entire business. But IT systems are such a key component of business operations that it may make sense to draw up a specific plan on how to tackle cyber-threats. Consider the following checklist:
A BCP will probably include proactive measures like security awareness and training, patch and vulnerability management, multi-factor authentication and perimeter security. But defensive measures are never 100% successful. This is where data-centric security comes in. By automatically discovering and classifying data across the enterprise and then applying strong protection, organizations can greatly limit the impact of a breach. That will help to minimize the time and resources spent on the following major post-breach costs:
In short, applying data-centric security like tokenization means critical data can remain in use even if it has been accessed by threat actors. It means breached organizations can quickly recover and restore systems, minimizing recovery time objective (RTO) and maintaining operational resilience.
In fact, Forrester research claims that comforte’s Data Security Platform could result in millions of dollars’ worth of savings by:
Reducing the financial impact of a data breach by rendering any stolen data useless to hackers ($5.4m)
Simplifying auditing and compliance by, for example, taking data out of the scope of PCI DSS (over $1m)
According to IBM, 83% of organizations have had more than one data breach. That means it’s not a case of if, but when, the next attack strikes. When it does, data-centric security can be a force multiplier for enhancing business continuity.