Reinforcing Cyber Resiliency
Understanding Protection Requirements for Business
In order to protect the firm/enterprise, one must have the complete understanding of the business. If any work happening on the system offers any value to the organization, it requires protection. To determine these values requires an understanding of the company's main functions that keep the business going. Following this, businesses need to identify the main risks as far as availability, confidentiality, and integrity are concerned. Approach your backup systems with a business mindset.
Approaching Backup Systems with a Business Mindset
What would happen if a malware attack could prevent developers from accessing their work? How long could an organization stay in business? Backups could be the temporary answer to this problem as they are not just there in case someone deletes something, after all. Backups and disaster recovery have been readily accepted as a part of the environmental company’s plan for dealing with ransomware. Currently, if hackers attack, organizations tend to shut down that environment and move to the next environment called as warm backup. This allows the organizations to get back up and running within a relatively short period of time in terms of disaster recovery. Although data consultants can help with this work, security teams often hire outside consultants. The third parties look at a specific application, and they do an application assessment—looking at bits and pieces, but never understanding the end-to-end business processes.
Looking Beyond Security for Resiliency
Companies know their data best, which systems are most important, what is the affordable downtime, where does the data move, and where does it exist. As third parties cannot overview day-to-day activities, the only way they understand a company’s priorities is through its employees. Building resiliency across the entire organization takes everyone, including the non-security colleagues.
The finance people have been in control of people’s data for a number of years. They actually knew how to look at the transaction logs, which security initiatives never really embraced. Owing to such conditions, there is a level of control that organizations need to focus on outside of what was typically done as IT professionals.
By Nancy S. Wolk, CIO, Alcoa - Global Business Services
By John Kamin, EVP and CIO, Old National Bancorp
By Gregg T. Martin, VP & CIO, Arnot Health
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Bryson Koehler, EVP & CIO, The Weather Company, an IBM...
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Adrian Mebane, VP-Global Ethics & Compliance, The Hershey...
By Lowell Gilvin, Chief Process Officer, Jabil
By Dennis Hodges, CIO, Inteva Products
By Gerri Martin-Flickinger, CIO, Adobe Systems
By Walter Carvalho, VP& Corporate CIO, Carnival Corporation
By Mary Alice Annecharico, SVP & CIO, Henry Ford Health System
By Bernd Schlotter, President of Services, Unify
By Bob Fecteau, CIO, SAIC
By Kushagra Vaid, GM, Server Engineering, Microsoft
By Steve Beason, Enterprise CTO, Scientific Games
By Steve Bein, VP-GIS, Michael Baker International
By Jason Alan Snyder, CTO, Momentum Worldwide
By Jim Whitehurst, CEO, Red Hat
By Alberto Ruocco, CIO, American Electric Power