The Most Effective Response To The Exponential Rise In Sophisticated Ransomware Is Partner-Driven Data Resilience
Cyber crime is accelerating in terms of both frequency and sophistication. Total damages done globally will equal $US6 trillion in 2021, and by 2025 that number will have topped $10 trillion. To put that into some eye-opening context: that already makes cyber crime the third largest global “economy”, behind only the United States and China.
Given that there’s little that can be done to eliminate cyber crime at its source, the next step is for businesses to find a way to protect the integrity of their critical data and build data resiliency. This should be a board-level concern, for three reasons in particular:
The potential for downtime – if malware infects systems and spreads across the network, the downtime can be prolonged, as a full investigation needs to be run across the network, and systems need to be cleaned and restored. With modern enterprises running more of their business off multi-cloud environments than ever, this becomes a significant cost per minute spread out over the course of weeks, if not longer.
Increasing regulation and social sensitivity around data – the regulation governing data breaches, reporting and penalties are only becoming stricter over time. Compounding this as a business-wide risk is the social damage that is done to brands that suffer a breach or data-loss. This damage is long-term and can take years to repair.
Finally, the same solutions that protect the IT environment from cyber attacks are a business resilience concern. As the pandemic over the last couple of years has crystalised for many CIOs and boards, business resilience needs a renewed focus, with the decentralised storage of data archives allowing for the restoration and protection of the organisation’s data, regardless of what happens to the physical location of work.
The challenge that senior leaders face is that their entire business has gone through a few years of rapid digital transformation and change, and IT security skills to implement the kind of robust archival and data recovery solutions they need to are hard to come by within their internal teams.
CIOs, CISOs and other IT leaders are struggling with resourcing these projects. Data resilience is still often seen as a secondary priority behind the immediate needs of the business until it’s too late (i.e. the data has been compromised), and budgets are being limited even as data growth continues unabated.
It is for these reasons that the channel faces a renewed opportunity to engage with their customers and become an invaluable partner in tackling one of biggest threats in modern business.
The five strategic benefits derived from good cyber recovery
There persists the idea that data security in general, and therefore cyber recovery, is a sunk cost for the enterprise. Just a few years ago only five per cent of top 100 firms listed a CISO or CSO on their executive leadership pages, and while the COVID-19 pandemic and the shift to cloud has shifted the needle somewhat, recent research shows that only around 32 per cent of organisations are confident in their ability to stop an attack in the cloud in progress.
Furthermore, internal IT teams have been busy transforming their businesses in the past two years, to embrace complex, multi-cloud environments and “keep the business lights on” by enabling remote work. At the same time they’ve had their overall IT budgets constrained.
Channel organisations that can frame data resilience as being much more than a “sunk cost” can become a more deeply embedded partner. By demonstrating the immediate and strategic value of data resilience solutions, rather than warding against something that only “may happen”, partners can help articulate these five strategic benefits to their customers:
- Resolving governance headaches – the governance risks of data breaches and losses are a board-level discussion. Cyber recovery is a critical component in helping organisations meet their governance responsibilities.
- It’s possible to build “hands-off” solutions – for stressed and under-budgeted IT teams, best-practice data resilience, leveraging Automated Data Copy and Air Gap technology, will be “hands-off” for their IT people, and yet reliable so that when (not if) they need it, it’s there.
- The IT team can get deeper analytics – A properly architected data resilience strategy will give the IT team access to better insights in how data is created and worked with within the organisation that can help drive strategic decisions.
- Minimal downtime – Being able to quickly recover clean datasets minimises the cost of any downtime, and prevents the risk of further data being lost in recovery.
- Better architecting of the environment – The rush to transformation has resulted in IT environments in need of re-architecting and design. The data resilience can give the partner deep insights to the whole IT environment, deepening the discussions that they can have with their customer across the whole of the IT environment.
Partnering towards strategic success
Dell Technologies has structured its partner program around enabling partners to have these discussions with their customers. A four-tier program provides partners with scaling incentives and rewards, in line with the partner’s own investments into training and commitments to Dell Technologies solutions. Higher tiers can access partner and technical advisory services, as well as market development funds and executive support.
Dell Technologies’ channel enablement is comprehensive and deep, with training and competencies that span sales, pre-sales, technology and services, and partners are able to access the same training as Dell Technologies’ internal sales teams. Partners can also bring Dell Technologies into the conversation with their customers, with co-delivery options available as further support in deployment.
Meanwhile, a comprehensive suite of sales tools will assist partners on positioning solutions to their customers. With the complexities of data resilience in multi-cloud, digitally transformed environments, partners will need to develop tailored and specialised solutions for their customers. The flexibility and comprehensiveness of Dell Technologies solutions is supported by a partner program focused on enablement and customer delivery, which will empower partners to reach their customers and address their unique challenges.Learn more about the Dell Technologies partner program here.
The channel are the ones with the skills and capability to tackle data resilience
The appeal of a multi-cloud approach to IT is clear – it allows organisations to scale rapidly as needed, while also managing costs and, in theory, improving the security of data and applications by allowing sensitive workloads to be kept in private cloud environments. Virtually every business that has enabled remote working in the past two years, or that is looking for competitive advantage moving forward is embracing cloud.
The problem that they face is that the frequency of attacks is lifting considerably, and that those attacks are becoming more sophisticated. Gartner has even gone as far to say that by 2025 cyber attackers will have found ways to weaponise operational technology environments to harm humans.
At the same time there’s the sense that many businesses over-estimate just how prepared they are for that accelerating sophistication. There is a global IT security skills shortage that is impacting on every market across APAC, and a multi-cloud IT environment is a reasonably new approach to computing. Putting those two things together means that many IT teams need to bring in additional skills (or develop them internally) before their teams could be considered experts. Research conducted by ESG for Dell Technologies found that IT staff skill sets are the single top challenge in data protection for VM environments – just imagine the extent of that challenge for more “new frontier” when layered on multi-cloud environments.
This is all an opportunity for the partner to have a detailed conversation with their customers, Dell Technologies Channels Leader, Alwyn David, said. “A knowledgeable partner will be able to guide the conversation in a way cements their role as a trusted advisor, because there’s a lot that can be done to modernise data resilience in the era of the cloud that a lot haven’t thought about yet. Simply asking the CIO if they have considered putting the data into a remote environment and taking it offline as a solution to data resilience is something that, in the cloud era, many haven’t considered. However, once it is offline, the question then becomes how you automate that connection back to the environment for syncing and recovery? And how do you harden your backup environment, your data protection environment, build in multi factor authentication, add zero trust security, and so on? There are layers of engagement that the channel partner can have with their customers, and so much of it will position them as the thought leaders.”
With IT security talent being in such limited supply, enterprise CIOs are leaning on partners to have these conversations and architect these kinds of data resilience strategies.
New strategies to overcome ransomware
Ransomware attacks have increased by almost 500 per cent since the start of the COVID-19 pandemic, and the average downtime from a ransomware attack is 21 days. For just about every organisation, ransomware isn’t so much a matter of “if”, but rather “when.”
One of the most famous examples of the devastating potential of ransomware came from a few years ago, when WannaCry first hit the scene. It nearly took over the entire global systems of one of the world’s largest shipping and logistics companies. The only thing that saved the company was that one of its satellite offices in Africa had been offline due to a power outage when the ransomware hit.
This highlights the importance of the Air Gap to the data backup. Keeping a copy of the data secure and separated from the network is important in preventing network-wide attacks from compromising every copy of the data. For that company the “air gap” was fortuitous. The channel has an opportunity to highlight the value of doing this as a deliberate strategy that will protect the entire environment.
Partners have access to a large suite of solutions from Dell Technologies to effectively deliver these environments. For example, Dell Technologies has integrated CyberSense into its Cyber Recovery vault specifically to monitor and protect this all-important clean version of the data. With content indexing, backed by machine learning, the CyberSense solution constantly analyses more than 100 content-based statistics to immediately detect signs of corruption due to ransomware. Dell Technologies claims that this solution is 99.5 per cent effective, meaning that the Air Gapped recovery is going to be available as an immediate response to a ransomware attack, and that, in turn, will minimise downtime.
Dealing with the challenge of scale
Scale is another problem that enterprises will turn to their partners for assistance with. As noted by IDC, data creation and replication will grow at a faster rate than the installed storage capacity. When it comes to backups, where copies of everything are stored, the sheer costs of storage can be prohibitive.
This has an impact on the entire IT environment, beyond the data resilience, and, Dell Technologies claims, it’s one of the core benefits of partnering with a vendor that operates at such a broad scope – the partner is able to help their customers develop holistic, all-of-IT strategies, rather than simply deploy a point solution.
One example is backup, where Dell Technologies’ expertise in virtual environments supports the management of the data environment. As Dell Technologies claims, in many instanced backups are still handled as they were as far back as 2009, when VMware first introduced VADP (VMware APIs for Data Protection). Unfortunately, 12 years later, VM environments are much larger and operate much more quickly, meaning that the backups can cause the overall environment to run into performance issues. In the absence of a better solution, many CIOs will be forced to revert to agent-based backup, which can address the performance issues, but is a manual-heavy approach from back in 2003, and in no way adequate for proper data policy now.
Dell Technologies Partners have a solution to this challenge, which is an ESX plugin called Transparent Snapshots, built in the Dell EMC PowerProtect Data Manager. This solution directly reads the virtual machine disks to obtain “deltas” (changes to data that has been backed up), and therefore streamline the subsequent backup process for any hot data in active use. It means that the deltas are captured as traditional image backups, without causing the overlying application to experience a slowdown.
This also helps the CIO manage costs, as Transparent Snapshots don’t require expensive flash storage solutions, as this became the standard approach for overcoming the performance challenges of VADP.
In all, Dell Technologies claims that the Transparent Snapshot solution results in backups that are five times faster, with five times reduced latency, and that the CIO and IT team don’t need to do anything to enable this technology in the environment. It is an example of how Dell Technologies’ experience at all levels of the technology stack allow partners to take complete solutions to their customers that have been designed to be interoperable.
For more information on Dell Technologies’ data archival solutions, click here.