• GenAi

๐Ÿ” Cyber-resilience Insights: Prework & Recovery are the linchpin. Organizations are ramping up their cyber-resilience efforts by investing in automation, to help facilitate their modern backup infrastructure. I’ve seen firsthand that prioritized recovery planning and understanding application architecture are game-changers. Verification and analysis of recovered data are critical; collaboration between IT ops and security is non-negotiable.

Here’s what I’ve learned: Automation when utilized and not mired with maintenance, or mismanagement is a game-changer. Automating core systems for recovery, selecting the right destination, restoring services, and even verification can assist or at times fully mitigate risks.

๐Ÿ’ช Recovering critical business functions to designated locations is a rising trend.๐ŸŒ

๐Ÿ‘จโ€๐Ÿ’ป Paying ransoms isn’t the answer, so let’s be prepared! Let’s embrace a structured approach for a cyber-resilient future!๐Ÿ› 

Gartner has a fantastic write-up on this minus the Automation perspective that will talk you through their Ransomware Recovery Guidance Framework.

๐—ง๐—ต๐—ฒ ๐—ด๐˜‚๐—ถ๐—ฑ๐—ฎ๐—ป๐—ฐ๐—ฒ ๐—ณ๐—ฟ๐—ฎ๐—บ๐—ฒ๐˜„๐—ผ๐—ฟ๐—ธ ๐˜€๐˜๐—ฎ๐—ด๐—ฒ๐˜€ ๐—ฎ๐—ฟ๐—ฒ ๐—ฎ๐˜€ ๐—ณ๐—ผ๐—น๐—น๐—ผ๐˜„๐˜€:
Prework.ย This stage includes everything necessary to begin recovery. Prework consists of two separate phases. The first is a planning phase that takes place before an attack. In this phase, you develop and establish the plan for ransomware recovery. The second phase starts when an attack is underway and continues until it has been contained. Recovery cannot begin until the attack has been contained.

๐—ฆ๐˜๐—ฎ๐—ด๐—ฒ 1: Recovery type and destination.ย Analyze backupย data to determine the type of recovery method that will be used and where data will be restoredย to.

๐—ฆ๐˜๐—ฎ๐—ด๐—ฒ 2: Recovery of data and services.ย Prioritize mission-critical applications and dependencies while using all available advanced options and adhering to the best practices of the backup platform.

๐—ฆ๐˜๐—ฎ๐—ด๐—ฒ 3: Recovery verification.ย Confirm that recovery of data and services has been completed and ensure the environment is ready to be brought back online.

๐—ฆ๐˜๐—ฎ๐—ด๐—ฒ 4:ย Productionย integration.ย Outline the process of reintegrating recovered data and services into production environments, so that business as usual can resume.

Cyberresilience Ransomware Automation ITInsights

๐—ก๐—ผ๐˜๐—ถ๐—ฐ๐—ฒ: The views expressed in this post are my own. The views within any of my posts, or articles are not those of my employer or the employers of any contributing experts. ๐—Ÿ๐—ถ๐—ธ๐—ฒ ๐Ÿ‘ this post? Click ๐˜๐—ต๐—ฒ ๐—ฏ๐—ฒ๐—น๐—น icon ๐Ÿ”” for more!

Picture of Doug Shannon

Doug Shannon

Doug Shannon, a top 50 global leader in intelligent automation, shares regular insights from his 20+ years of experience in digital transformation, AI, and self-healing automation solutions for enterprise success.