Resiliency - Backup Tech

Resilency Services

5 Actions That Will Immediately & Greatly
Improve Ransomware Resiliency

EXPECT THE UNEXPECTED

Ransomware Statistics

93% of companies without Disaster Recovery who suffer a major data disaster are out of business within one year.

2 out of 3 midsize businesses suffered a Ransomware attack in the past 18 months.

The average downtime for businesses as a result of a ransomware attack was 20 days in Q4 2021.

96% of companies with a trusted backup and disaster recovery plan were able to survive ransomware attacks.

Even after paying, only around 8% of victims recover all data. The average ransomware victim loses around 35% of their data.

More than 50% of companies experienced a downtime event in the past five years that was longer than a full workday.

An hour of downtime costs $6,797 for a small company, $62,875 for a medium company $594,777 for a large enterprise.

82% of breaches are caused by attack vectors that involve human errors such as social engineering attacks, phishing, and misuse.

Services & Solution Areas

^

Foundational Resilience Elements

Establishes the foundation for resilience within the organization

^

Core Resilience Programs

Addresses the core programs required for response and recovery

^

Secondary Resilience Programs

Expands on resilience capabilities by increasing response and recovery capabilities

^

Pathway to a Resilient Ransomware Program

Implements the required elements to develop a resilient ransomware program

Contact Us

Building Blocks of Resilience in Ransomware – Overview

In order to build and maintain a Resilient Ransomware Program,
it is critical to take the below into consideration.

Overview
Standards such as ISO 22301, NIST CSF, and FFIEC help to guide the organization’s resilience strategies and efforts. Utilizing these standards will also fast track ransomware and resilience initiatives.

Details

Choosing the standard that is right for you will depend on many factors such as your organization’s size, industry, and risk tolerance.

Although these standards cover various resilience and recovery elements, following their requirements and guidance will help build a foundation for your ransomware program

Overview
Responding and recovering is a core element for resilience. Core response programs enable a resilient and comprehensive ransomware recovery.

Details

Outline a program strategy with Executive Leadership to determine a right-sized approach

Focus on the Foundational Resilience Elements before developing core/ secondary resilience programs

Programs should work in cohesion to guide response and recovery efforts

Overview
Once a Standard has been chosen, the organization should begin to align ransomware and resilience capabilities to the standard. Evaluating your program against standards helps align priorities and determine gaps.

Details

A program evaluation should determine current resilience capabilities, identify gaps, and outline recommendations

Perform both Passive (i.e., Assessments, Current State Reviews, etc.) and Active (Live Failover Tests, Tabletop Exercises, Plan Walkthroughs, etc.) program evaluations

Overview
Continuous improvement is an on-going process that needs to be incorporated within a resilient ransomware program. This area includes testing, training, live tests/ exercises, lessons learned, and Tabletop Exercises (TTX).

Details

A goal of program owners should be to develop a predictable and reliable program

Activities should include testing, exercises, lessons learned, and training

Continuously identify improvement opportunities and prioritize initiatives based on risk tolerance and strategy

Key Considerations of a Resilient Ransomware Program

The elements outlined to the right represent areas that most organization’s overlook when developing ransomware programs. The inclusion of these elements help embed resilience within the program.

^

Ensure Executive Sponsors support the program, budget, and continuous improvement process

^

Prioritize testing and exercises regularly to ensure everyone involved understands plans and procedures to perform their role

^

Compare results of the BIA/ Business Requirements (i.e., RTOs, RPOs) to ransomware recovery capabilities. Discuss gaps, workarounds, and recovery steps with the business.

^

Consider SaaS provider’s (Office 365, Salesforce, Workday) mass restore capabilities and SLAs as native restoration tools are often difficult to restore and require vendor-specific knowledge

^

Analyze your backup technology and capabilities to ensure they align with RTOs & RPOs identified by the Business Impact Analysis (BIA).

Contact Us

Pathway to Ransomware Resilience & How We Can Help

Resilience Current State Review

$

Capability Maturity Assessment

$

Testing & Tabletop Exercise Facilitation

$

Resilience Assessment

Risk Assessment

$

Continuity Risk Assessment

$

Technology Capability Assessment

$

Function Level Resilience Maturity Assessment

Business Impact Analysis (BIA)

$

Business Impact Analysis Facilitation

$

Process/ Technology Prioritization & Reporting

$

Technology Gap Assessment

Technology Resilience

$

High Availability & Backup Replication

$

Disaster Recovery Plan & Playbook Development

$

Backup & Disaster Recovery Testing

Business Resilience

$

Business Continuity Plan (BCP) Development

$

Function Specific Recovery Plans

$

Plan Walkthrough/ Scenario Specific Exercises

Cyber Resilience

$

Cyber Incident Response Plan (IRP) Development

$

Ransomware Playbook Development

$

Ransomware Tabletop Exercise Facilitation

Steps for Testing a Resilient Ransomware Program

Organizations should regularly test the ability to respond and recover from disruption scenarios and develop an exercise plan that appropriately details how it will gain assurance that the company can remain within the recovery objectives for each business function or dependency.

^