While 2020 will always be remembered as the year of the COVID-19 pandemic, that's not the only thing that went wrong. 2020 was also the year that the total number of cyberthreats and attempted cyberattacks exploded.
Cybercriminals moved quickly to exploit new vulnerabilities caused by the pandemic. For example, the vast majority of employees suddenly had to work from home, but in most cases their security practices there were far inferior to the controls in place at the corporate office.
This shift represented an unprecedented opportunity for the bad guys, and they quickly looked to take advantage. Unfortunately, this led to record-breaking spikes in cyberthreats in 2020. Consider the following examples:
· According to research from ZDNet, brute force attacks against machines running Remote Desktop Protocol (RDP) rose 400% in March and April 2020 alone.
· Barracuda Networks reported that email phishing scams related to COVID-19 rose 667% in March 2020.
· Perhaps this should not have been a surprise since individuals were three times more likely to click on pandemic-related phishing scams at that time. (As reported in the Verizon Business 2020 Data Investigations Report.)
· It wasn’t just RDP and email either: According to SonicWall’s 2020 Cyberthreat Report, ransomware attacks increased 105% during the pandemic.
It’s a major issue, and one that continues to affect managed services providers (MSPs), their clients, and companies today.
Cost of downtime and data loss
As we've described in past articles, the adverse effects of a cyberattack can be devastating. It doesn't matter how cybercriminals gain access or cause damage, whether it's through a phishing attempt, a data breach, a ransomware incident, a distributed denial-of-service (DDoS) attack, or even a ransomware distributed denial-of-service (RDDoS) attack: any successful cyberattack can lead to major problems.
Companies can experience downtime or complete disruption of service, suffer loss of sensitive data, or even be forced to pay hefty ransoms in order to undo damages caused by hackers. In turn, all of this can lead to high costs, compliance-related fines, loss of customers, and other devastating challenges.
This is why companies need a holistic strategy that consists of cybersecurity and cyber resilience.
What is the difference between cybersecurity and cyber resilience?
Admittedly, the two terms may seem similar and interchangeable. Yet they really represent two different concepts.
Cybersecurity refers to a company’s ability to protect against cyber threats and cyberattacks. More specifically, cybersecurity encompasses the various technologies, processes, and practices necessary to safeguard a company’s vital assets, including networks, data, systems and applications, and infrastructure.
Cyber resilience refers to the quality of an IT infrastructure that is flexible enough to withstand changes and modifications and can rapidly return to a stable state once disturbed or compromised. These changes and modifications can include a cyberattack, the onboarding of new employees, adding new endpoints or workloads to the network, hardware failures, etc.
How do cybersecurity and cyber resilience mitigate data damage and loss?
Cybersecurity and cyber resilience both help mitigate data damage and loss, but do so in different ways.
When we talk about cybersecurity, we tend to default to a product-centric view; in other words, the technologies and solutions that have been designed to detect, prevent, and respond to cyberthreats. This often refers to “full-stack” IT cybersecurity solutions that offer endpoint detection, anti-malware, antivirus, backup, and email security.
Cyber resilience can also minimize damage and loss but focuses on what happens after any type of disturbance and uses a people-process-product framework to stabilize the business.
· People: Employees can often be the weakest link in security and often unwittingly contribute to major vulnerabilities. Cyber resilience focuses on making sure the right people are in the right place at all times and have the appropriate training and skills needed.
· Process: Cyber resilience strategies seek to make sure not only that the right processes are clearly defined, but also that they describe the proper steps to follow when something goes wrong. For example, this could be a checklist for how to add a new server or workstation, or an action plan that describes immediate steps to recover lost data.
· Product: The product component of cyber resilience is the technology companies can use to respond to the attack, or that helps them implement the various process steps as identified above. This can include backup or disaster recovery solutions as well as many other specialized products.
Why do your clients need both cybersecurity and high cyber resilience?
Your clients need cybersecurity to detect and stop cyberattacks. They also need to be cyber resilient so that regardless of an attack or any other disturbance to the status quo, their IT infrastructure can rapidly return to a stable state. In some cases, a cyber-resilient infrastructure can withstand a disturbance and quickly return to its normal or static state. In other cases, the infrastructure may withstand a disturbance and, as a result, create a new, dynamic state. Any disturbance introduces an opportunity for cybercriminals to attack your systems and data.
Acronis Cyber Protect Cloud
The Acronis Cyber Protect Cloud is an all-in-one cyber protection solution that addresses all aspects of cyber resilience for your clients’ businesses. It is the only solution that natively integrates cybersecurity, data protection, and management to protect endpoints, systems, and data. This synergy eliminates complexity, so managed service providers (MSPs) can protect their customers better with one integrated solution that keeps costs down. The Acronis Cyber Protect Cloud uses advanced protection packs that offer specialized technologies that include:
● Advanced Security. Enhance security services with integrated cyber protection that includes full-stack malware prevention. This advanced pack extends the endpoint capabilities of the Acronis Cyber Protect Cloud, helping MSPs increase their detection rate and response times to the latest cyberthreats — critical for reducing the risk to their clients.
● Advanced Backup. MSPs can strengthen their overall data protection services by making sure clients never lose data — even between scheduled backups.
● Advanced Disaster Recovery. MSPs can get their clients back to business in just minutes and ensure immediate data availability after a disaster strikes. The Advanced Disaster Recovery add-on helps make disaster recovery painless and increases efficiency with orchestration, runbooks, and automatic failover.
● Advanced Email Security. Block any cyberthreats, including spam, phishing, business email compromise, advanced persistent threats and zero-day attacks — before they reach end users.
Today, all companies need a holistic strategy that consists of cybersecurity and cyber resilience, both to stay a step ahead of bad actors and to keep the business up and running when something goes wrong.
Acronis is a Swiss company, founded in Singapore. Celebrating two decades of innovation, Acronis has more than 1,800 employees in 45 locations. The Acronis Cyber Protect Cloud solution is available in 26 languages in over 150 countries and is used by 20,000 service providers to protect over 750,000 businesses.