The New Cyber Resiliency Imperative

By Ratinder Ahuja, VP, Networking and Security Engineering, Pure Storage

Today’s digital business landscape is a sprawling, interconnected world. Data is scattered beyond the traditional network across vast, heterogeneous environments. Distributed applications, as-a-service environments, open-source collaboration, and supply chains of third-party providers have transformed business, but they’ve also redrawn network perimeters.

Innovation has become necessary for business success, but it can be a double-edged sword, creating new threat vectors and multiplying attack surface areas. And security teams are struggling to keep up.

So how can businesses be truly resilient in the face of inevitable threats?

By being equipped with the strategies and solutions to make the events once considered “major disasters” more like “tolerable events.” And data infrastructures will be ground zero for the performance and resilience to make that possible.

“Resiliency” can mean many things in an era where disruptions of many kinds can take down an organization for hours or days.

Gone are the days of clearly defined security perimeters and the systems designed to monitor, protect, and recover them. Today’s network boundaries exist with users, cloud services, and suppliers. Defensive strategies must be just as fluid and dynamic. Consider where data flows today, between:

• Distributed applications and hybrid cloud environments, spanning multiple media and geographies, increasing reliance on provider defenses.
• Software as a service (SaaS), hosting critical services externally, leaving organizations to rely on the security measures of third-party providers.
• Third-party provider supply chains, which create an interconnectedness that means a breach in one organization can ripple across multiple entities.
• Human and non-human identity accounts, which lack the traditional oversight and often exist beyond a human employee’s tenure.

To do without any of these innovations would be to go back to the dark ages. But, do organizations have to compromise between risk and innovation? Not if they can secure what can be seen from what they can’t see coming.

Ransomware is a case of when, not if. Thanks to AI and other innovations, breakout times have decreased from weeks and days to hours and minutes.

Without highly performant infrastructures, SIEM, SOAR, and security log analytics simply cannot keep up with the volumes of systems and network log data required to detect anomalies in time. Data platforms can’t be bottlenecks. Storage must be performant enough to handle the volume and velocity of log data analytics platforms need to be effective.

During recovery, visibility comes into play yet again. If you can’t see and access hot-tiered data, systems, and application data, you can’t pull off near-instant recovery.

It’s not just about ransomware. Threats can originate from natural disasters, power disruption, human error, and even global tech outages from a single software update. With no way to predict when disaster will strike, organizations should be able to predict at least one thing—that they can get quickly back to business.

Super immutability, tiered availability, and recovery SLAs have become non-negotiables. Organizations must turn to services-first, SLA-driven approaches that can guarantee recovery with white glove support and clean storage environments during forensic review.

When critical infrastructures and third-party providers experience an event, risk is more shared than ever. We need to stay two steps ahead.

We’re in an innovation race against the bad guys, but we’ve got a great shot at winning.

It will take commitment from organizations, governments, and technology providers to prioritize resilience and recovery. Everyone plays a role in building resiliency into our global cyberspace. These resources delve into the must-have defenses of the future, sharing insights from top cybersecurity leaders and technological deep dives from business leaders, security engineers, and industry experts.