Skip to Content

The New Cyber Resiliency Imperative

Data resiliency is more important than ever in today’s digital business landscape. Are you compromising between risk and innovation?

Actions
5 min. read

Introduction

By Ratinder Ahuja, VP, Networking and Security Engineering, Pure Storage

Today’s digital business landscape is a sprawling, interconnected world. Data is scattered beyond the traditional network across vast, heterogeneous environments. Distributed applications, as-a-service environments, open-source collaboration, and supply chains of third-party providers have transformed business, but they’ve also redrawn network perimeters.

Innovation has become necessary for business success, but it can be a double-edged sword, creating new threat vectors and multiplying attack surface areas. And security teams are struggling to keep up.

So how can businesses be truly resilient in the face of inevitable threats?

By being equipped with the strategies and solutions to make the events once considered “major disasters” more like “tolerable events.” And data infrastructures will be ground zero for the performance and resilience to make that possible.

What Exactly Do We Mean by Cyber Resiliency?

“Resiliency” can mean many things in an era where disruptions of many kinds can take down an organisation for hours or days.

The New Network Perimeter Does Not Exist

“More broadly on the vulnerability side is keeping our arms around the boundaries of the organisation. For cloud-first organisations, the bulk of systems are SaaS-based, and the developer and engineering community lives in the cloud. On top of that, we run a lot of our platforms in SaaS. The challenge from a security standpoint is having your arms around that ecosystem and making sure it's compliant with our policies and standards.”

Gone are the days of clearly defined security perimeters and the systems designed to monitor, protect, and recover them. Today’s network boundaries exist with users, cloud services, and suppliers. Defensive strategies must be just as fluid and dynamic. Consider where data flows today, between:

  • Distributed applications and hybrid cloud environments, spanning multiple media and geographies, increasing reliance on provider defenses.
  • Software as a service (SaaS), hosting critical services externally, leaving organisations to rely on the security measures of third-party providers.
  • Third-party provider supply chains, which create an interconnectedness that means a breach in one organisation can ripple across multiple entities.
  • Human and non-human identity accounts, which lack the traditional oversight and often exist beyond a human employee’s tenure.

To do without any of these innovations would be to go back to the dark ages. But, do organisations have to compromise between risk and innovation? Not if they can secure what can be seen from what they can’t see coming.

Visibility Will Be More Important Than Ever

Ransomware is a case of when, not if. Thanks to AI and other innovations, breakout times have decreased from weeks and days to hours and minutes.

Without highly performant infrastructures, SIEM, SOAR, and security log analytics simply cannot keep up with the volumes of systems and network log data required to detect anomalies in time. Data platforms can’t be bottlenecks. Storage must be performant enough to handle the volume and velocity of log data analytics platforms need to be effective.

During recovery, visibility comes into play yet again. If you can’t see and access hot-tiered data, systems, and application data, you can’t pull off near-instant recovery.

When Threats Are Inevitable, Organisations Need Guarantees

It’s not just about ransomware. Threats can originate from natural disasters, power disruption, human error, and even global tech outages from a single software update. With no way to predict when disaster will strike, organisations should be able to predict at least one thing—that they can get quickly back to business.

Super immutability, tiered availability, and recovery SLAs have become non-negotiables. Organisations must turn to services-first, SLA-driven approaches that can guarantee recovery with white glove support and clean storage environments during forensic review.

Shared Risk, Shared Responsibility

When critical infrastructures and third-party providers experience an event, risk is more shared than ever. We need to stay two steps ahead.

We’re in an innovation race against the bad guys, but we’ve got a great shot at winning.

It will take commitment from organisations, governments, and technology providers to prioritize resilience and recovery. Everyone plays a role in building resiliency into our global cyberspace. These resources delve into the must-have defenses of the future, sharing insights from top cybersecurity leaders and technological deep dives from business leaders, security engineers, and industry experts.

We Also Recommend

Your Browser Is No Longer Supported!

Older browsers often represent security risks. In order to deliver the best possible experience when using our site, please update to any of these latest browsers.