Grayson Milbourne, Security Intelligence Director at OpenText Cybersecurity Company, weighed in on the importance of structured backup and recovery plans for organizations looking to be well-prepared for cyberattacks:
"Despite a businesses’ best efforts, it’s impossible to guarantee a breach won’t happen. Having a documented plan to detect, contain and respond to attacks can greatly minimize the time it takes to recover critical data and maintain operations. Identifying a businesses’ most valuable data assets and ensuring these assets are secured is an essential starting point. Access control is the biggest business vulnerability for most companies, therefore, following a zero-trust mentality and limiting access to only those employees that need it greatly minimizes damage in the event an employee is breached. Recovery plans should be specific and rehearsed periodically as during a ransomware attack, time is money. Attackers will increase the ransom amount the longer it takes to pay.
Because even carefully built backup-and-recovery plans can be compromised in an attack, additional safeguards are important. Keep multiple copies of backups in different domains (e.g., local and cloud). Likewise, consider backup solutions that do not allow an attacker to rewrite, encrypt, or modify previous backups. Lastly, keep a history of restored points and backups that cannot be compromised, this will allow access and restore from a good copy of an earlier snapshot.
Most importantly, implement ongoing security awareness training. Education goes a long way in preventing an employee from making a costly mistake."