A series of ransomware attacks motivated by financial gain sent Costa Rica spiraling earlier this year. Hackers successfully hacked payroll systems, customs, tax processing, utilities, and other vital services. The government was forced into declaring a national emergency. This was not the first incident of this nature. Last year, Ireland was hit with a similar attack on its National Health System that paralyzed its services for nearly a week.
This demonstrates the growing threat landscape for both governments and businesses. Even non-cyber threats such as terrorist attacks, natural disasters and political upheaval will become more unpredictable and/or less frequent in the future.
It is no longer possible to react.
Businesses need to refocus their efforts in business continuity and disaster recovery (BCDR), to place a greater strategic emphasis on overall IT resilience.
But how do you get there?
Many companies don’t realize that they can expand their IT modernization efforts to increase resilience within their organization’s DNA. Modernization technology offers new options for protecting our organizations while cutting costs, protecting customers, data, and reputations.
Enhancing IT resilience
Traditional BCDR efforts still have a place, but they are not sufficient when it comes down to ransomware. That’s because these efforts are often siloed, lack technical depth, use outdated technologies and are compliance-oriented–which means they are often limited to doing “just enough.”
Ransomware is still a concern at the board level, but organizations must raise and expand the BCDR conversation. They should be focusing more on IT resilience and finding cost effective ways to improve this capability.
This requires a change in thinking.
Adopting a resilient-by design mindset is the first step to solving this problem. This mindset can be furthered by taking advantage of existing modernization efforts to address resilience requirements. You already use cloud technologies and automation for modernizing your IT environment. You can now extend those benefits to improve your resilience. You won’t be focusing on improving your ability react to an emergency. Your modernization efforts will help your IT resilience function mature.
Automation is the accelerator
BCDR’s management of physical environments has been a key component in the past. These environments were managed with a legacy mindset, which leveraged manual processes that were vulnerable to inefficiency and human error.
The Uptime Institute’s 2022 outage analysis shows that nearly 40% of organizations have experienced a major outage due to human error in the last three years. These incidents are caused by staff failure to follow procedures or flaws within the procedures.
We live in a digital age, which offers new opportunities for IT resilience that goes beyond managing physical environments or using manual processes.
The evolution of both public cloud services and Infrastructure-as-Code (IaC) creates new opportunities to improve the speed, agility and efficiency of IT resilience efforts. IaC allows us to programmatically build servers and other networking equipment with high accuracy. If companies have prepared for a disaster, they can now run code to rebuild their environments within hours or days instead of manually restoring them over days or weeks.
Resilience: The business case
Gartner reports that 72% of organizations are not well-positioned for disaster recovery, with 63% likely to be suffering from “mirages or overconfidence.” 1
IT resilience spending is becoming more important. However, it can be difficult to explain the return. Begin by reviewing your current recovery capabilities. Is your hot site resource-intensive and costly? Or are you running a cold site that takes too much time to recover?
These costs are not comparable to the benefits you get from modernization efforts already in place. To increase IT resilience, it is worth partnering with your operations and infrastructure team.
Cloud technologies and automation are already part of your everyday life. You already use cloud technologies and automation. Why not take the opportunity to increase your resilience?
Automation allows you to quickly rebuild affected environments when it comes to ransomware. Automation can also improve the frequency and accuracy of recovery testing. Cloud can help you reduce the cost of maintaining a recovery area by minimising your footprint and using automation to rebuild on demand.
Automation investments not only increase your resilience, but also open the doors to optimizing IT operations across the enterprise. It’s possible to spin it the other way: IT resilience is a strong business case for automation adoption across the company.
It is important to shift from thinking of resilience as a separate function to seeing it as an extension of your modern infrastructure.
There is less risk and more reward
Traditional BCDR approaches are fine if you’ve weighed recovery costs against cost. But that’s until you’re hit by ransomware. You are forced to use modern technology to recover your recovery goals.
Modern technologies such as automation and cloud are already being used in your company to some extent. You don’t have to limit your BCDR capabilities when IT modernization can enhance it.
It’s all about connecting the dots for many organizations. Automating your response to cyber-attacks will make it easier to replace manual work with automation. It is possible for companies to extend their modernization efforts in order to create a more efficient, cost-effective and faster resilience function.