There’s a perfect cybersecurity storm happening. We’re seeing more attacks than ever before but there aren’t enough infosec experts out there to defend organizations, meaning that infrastructure and operations teams are unwittingly put on the front line (especially in cases of ransomware).
Protect as best as you can but be prepared for the worst The industry has already woken up to the idea that it’s not about ‘if’ you’re hit, but ‘when’ you’re hit and this means that preparations must be made accordingly. The good news is in the last few years CEOs have increased information security budgets due to the increased amount of attention attacks are generating.
So how should you spend it? Ultimately, you should build a robust program, but if a single failure results in a catastrophic outcome is that going to get you ahead? No. What will get you ahead is the continuity of business critical infrastructure, when the worst occurs.
Design your infrastructure like a shipYour job is to create an infrastructure that has the ability to bounce back. So how do you prepare for an attack you cannot stop? Two words: passive survivability.
Ships are designed so that - if they are damaged in a storm, or a crash - they can continue to sail in a deprecated manner, but most importantly: not sink. There’s an inherent resilience built into them, that should also be built into your data centre’s infrastructure, so you’re not completely knocked out of the water by an attack/outage. This is subtly different from network segmentation, and should be thought of as failure compartmentalization ..
Support the originator by clicking the read the rest link below.
