Structured for Success: 4 Architectural Pillars of Cyber Resilience

When built on a solid architectural foundation, cyber resilience can dependably manage unanticipated ransomware hazards and other threats to recoverability.

Structured for Success: 4 Architectural Pillars of Cyber Resilience
(Credit: Denis Putilov / Alamy Stock Photo)

Ransomware attacks occur roughly every 11 seconds, and 94% of them now target backups. That means backups are under threat like never before — and as a result, it can be argued that the most business-critical workload is backup/restore. To achieve cyber resilience, this threat to backups must be addressed thoroughly and decisively.

CIOs and CISOs have made cyber resilience a top priority, employing many best practices and security layers to safeguard data:

  • Identifying key assets that are searchable/accessible online and reducing their exposure.

  • Ensuring that firmware and software are patched on a regular basis and that common vulnerabilities and exposures (CVEs) are monitored.

  • Securing public-facing servers and applications at the firewall, network, and data storage levels.

  • Simulating different attack threat "vectors" (external and internal) and creating recovery procedures for them.

Understanding the pillars of cyber resilience

Cyber resilience requires a strong architectural foundation based on four pillars.

Network-wide visibility

As the IT ecosystem has expanded, teams need to be able to have visibility to their key assets, and especially for high-value data that can be a compelling target for ransomware attacks. With today's hybrid environments, this means ensuring visibility to data across cloud and on-prem infrastructure. The 2022 Cisco Global Hybrid Cloud Trends report found that 82% of IT leaders said they’d adopted such a hybrid approach.

Having centralized visibility is fundamental to not only taking control of cloud environments but also bridging silos. In a recent survey conducted by Forrester, 83% of IT decision-makers said a single consolidated view for managing their organizations’ cloud and IT services would help achieve their business outcomes — including improving their cybersecurity posture.

Data protection via immutability

Immutable data storage enables the storing of data after it is written, such that it's impossible to change, erase or otherwise interfere with it. This functionality guards against malware, ransomware, and both unintentional and malicious human behavior.

Since it effectively protects data against any change or erasure, as would be typical in a ransomware attack that tries to encrypt data, immutability is commonly regarded as a prerequisite in the battle against ransomware. It also covers ransomware attacks that threaten to read, exfiltrate and publish data in order to reveal private or sensitive information to the public; Wikileaks is one example.

Archive tiers, both in the data storage and in locations

Enterprises are seeking backup storage solutions that offer a multi-tier backup design, enabling every storage tier to be optimized — performance, capacity, or archival — whether located on-premises or in the cloud. Moreover, each of these tiers can and should be immutable and secured with their own login credentials, encryption keys, authentication, and access control schemes. This makes it harder for malicious actors to access data from "all" tiers, even if they succeed in breaking into one.

The time-honored 3-2-1 backup rule recommends having three copies of data stored on two different media, with one copy stored offsite. However, in light of today's threat landscape, many organizations create four or five copies of important data. And an additional step has become necessary: storing at least one of those copies offline.

Augmenting - not countering - is the pillar of network visibility; best practices today also use "air-gapped" copies that reside on a physically separated network or device, either.

  • Locally, through physically disconnected storage systems with offline copies of backup data.

  • Remote replication to two or more data centers in a rotating "tick-tock" manner. One site remains air-gapped while the other receives newer data, then vice-versa.

  • Secure offsite storage.

  • Offline devices such as tape for that last-and-final copy of critical backups.

In practice, immutable object storage can achieve 99% of the benefits of these physically air-gapped approaches without the inconvenience and the additional advantages of offering faster restore capabilities.

Scalable backup and recovery architecture

Beyond this 3-2-1 rule, organizations need a scalable backup and recovery infrastructure — one that makes management fast and simple – to sustain business continuity and operations in the current cybersecurity landscape. The reality is that backups can fail such that data is lost, corrupted, or inaccessible. Unconstrained data expansion poses another threat to cyber resilience, with more devices needed to manage and store the data, more time for backups, and far more time for restoring petabytes vs. gigabytes. With cost always a concern, the temptation exists to not backup or data-protect everything — a huge mistake if something critical is missed.

When it’s quick and simple to adjust infrastructure components like data storage and protect them accordingly — it’s easier to recover and stay resilient.

Cyber resilience: A modern necessity

Cyber resilience is critical to the security of an organization’s data — and possibly to an organization’s survival. When built on a solid architectural foundation, organizations can dependably manage unanticipated ransomware hazards and other threats to recoverability — keeping data secure and immutable no matter what.

Giorgio Regni is the co-founder and chief technology officer of Scality.

Related articles:

About the Author(s)

Giorgio Regni, Co-Founder and CTO, Scality

Giorgio Regni is co-founder and CTO of Scality. He oversees the company’s development, research, and product management. He is a recognized expert in distributed infrastructure software at web scale, and has authored multiple US patents for distributed systems. Prior to Scality, Giorgio was a co-founder and VP of Engineering at Bizanga, where he developed anti-abuse software that still protects hundreds of millions of mailboxes across the world. Giorgio holds an engineering degree in computer science from INSA (Institut National des Sciences Appliquées) in Toulouse, France. He is also an accomplished hacker and developer. In his spare time, Giorgio has created mobile phone applications that are currently in use by an installed base of more than 2 million people. On an artistic note, Giorgio is a skilled electric guitar player, drawing his inspiration from guitar legends like Joe Satriani and Steve Vai.

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights