[BreachExchange] Three Ways to Mitigate Your Company’s Data Risk in 2019

Destry Winant destry at riskbasedsecurity.com
Wed Dec 19 18:06:28 EST 2018


http://www.dataversity.net/three-ways-mitigate-companys-data-risk-2019/

Entrepreneurs are natural risk takers, and risk is necessary to grow a
business. But some risks are out of a business leader’s control and
these outside forces must be considered for the overall longevity and
survivability of a business.

Catastrophic events that include earthquakes, tsunamis, volcanoes,
hurricanes and wildfires seem to be increasing in intensity.
Cyberattacks are becoming so large-scale, their financial
repercussions are lasting – hitting businesses with revenue losses,
reputational damage, technology clean up, harsh fines, or worse,
losses that are so severe they can’t recover. And outages of any kind
– whether internet, cloud or a network providers failure can halt
business immediately.

Whether direct or indirect, these events do create ripple effects in
our hyperconnected world through shared technology ecosystems, supply
chains, data and intelligence. This new and enabling – yet potentially
crippling – dependence on technology has created a climate where 93%
of organizations have experienced a technology-related business
disruption in the past two years. As a result, businesses need to
assess their current vulnerabilities, determine their risk tolerance
levels, and act to mitigate any weak spots.

Below are three ways companies can mitigate their data risks in 2019
and foster more resilience.

1. Assess Geodiversity for Employees and Technology: Are most of your
company’s assets, including your employees in one location? In the
event of a disaster, putting people first should always be a top
priority. Having an action plan to relocate employees and their
families to a safer location if needed, is something that’s often
overlooked, but it can save your most valuable assets. With the use of
innovative technology like virtual desktops, employees can remain safe
and also perform critical work functions remotely if needed. As your
company expands, consider employing people in multiple locales or
leveraging a remote workforce.

For IT, it’s important to have geodiversity in your data centers. The
estimates of the financial losses when data centers go down are
frightening – 98% of enterprise organizations say a single hour of
downtime costs more than $100,000, according to ITIC. In addition,
according to IDC estimates, 50% of organizations would not be able to
survive a disaster event at their current level of preparedness –
often due to a lack of properly protected and staged offsite data.
Assess your company’s critical data and IT services risks. Determine
if redundancy, continuous replication and availability of data exists,
and if data can be moved quickly and easily to the cloud, or to an
alternate data center when needed.

2. Avoid Vendor Lock-in: Modern consumers expect availability at all
times. Your internal consumers rely heavily on technology to do their
jobs. Therefore, it’s imperative that a modern organization provides
services engineered to be immune to mistakes, hardware failures,
security compromises, and data loss.

A recent Lloyds of London report calculated a catastrophic Cloud
outage in the US to cost $19 billion. The reliance on many Clouds
instead of just one Cloud Provider hedges risk should one go down,
preventing this level of cost, and creating more flexibility for an
organization. This was something that Jayme Williams, Senior Systems
Engineer at TenCate realized, opting to deploy a Multi-Cloud Strategy
after experiencing multiple ransomware attacks. This example
highlights how redundancy in Cloud environments is critical, and the
same should be true for your networks. Do you have failover options in
place? A small investment in failover solutions that leverage 4G/5G
wireless now can increase diversity, augment your current service and
help ensure continuous business uptime should things go down.

IT organizations should also have the capability to shift data and
workloads confidently, seamlessly, and with lightning speed to, from
and between on-premises environments and any of a range of Cloud
Providers. Business leaders should ensure their technology is chosen
with interoperability in mind, with the potential to move workloads
easily and without disturbing or disrupting business.

3. Plan and Practice: Lastly, you don’t want to wait for a natural
disaster to bang down your door. Proper planning, that is pre-approved
and practiced across all departments, is critical for success, should
the worst happen. Plans must be laid out clearly with owners and step
by step instructions. Plans must be signed off across all department
heads, including your board of directors. This involves extended
coordination and continuous communication, and in times of trouble
will prove to make things as seamless as possible.

In 2019, it is almost guaranteed that the risks that organizations
face will only grow in number, which makes it reassuring that a recent
survey found that 94% of businesses expect to spend more on IT
resilience in the next 24 months. So as sales teams push to close out
the year with big numbers, IT teams and business leaders should also
focus on shoring up defenses, reviewing plans for action if needed and
metaphorically bearing down the hatches for what is to come.


More information about the BreachExchange mailing list