Understanding Cyber Recovery and it's Relationship to Backup and Disaster Recovery as Services

There are so many emerging cyber threats out there, it can be challenging to know what you really need to deploy for protection. In this blog we’ll cover what cyber recovery is, a term that’s getting increasing airtime, and how it differs from both Backup as a Service and Disaster Recovery as a Service.

Let’s start with some figures to give the important of cyber security and recovery some context.

  • According to Hiscox there are 65,000 attempts to hack small-medium-sized businesses in the UK daily, with a successful hack every 19 seconds.
  • Of cyberattack cases reported to Kroll in 2020, over a third involved ransomware, making it the biggest cyber-threat for businesses in the UK.
  • The Chambers of Commerce discovered that 93% of businesses that had a data loss for over 10 days went bankrupt within a year, 50% immediately.

It’s clear current defences aren’t working and it’s critical companies move beyond simple cyber security (or indeed no security) to something more comprehensive and sophisticated.

What is BaaS?

A business is built on data that is collected and earned over time. Often the true worth of that data is only fully realised when it’s lost. However, the last few years has seen companies increasingly invest in Backup as a Service (BaaS). BaaS is a cloud-based solution that stores a copy of your important business data at regular intervals. That way, if your organisation does face data loss, then you can retrieve your information. Bear in mind a backup is a copy of your original data and it’s meant to be restored to the existing infrastructure. Often not only can that data be corrupt before it’s backed up, but chances are also your infrastructure won’t look quite the same as it did pre-attack.  That’s why a backup alone just isn’t enough anymore.

What is DRaaS?

Backup as a Service stores and secures your data files whereas Disaster Recovery as a Service (DRaaS) stores and secures your entire server: operating system, applications, and configuration as well as data at a secondary data centre. The difference becomes apparent if you must recover after a total system failure.

Therefore, in the event of a natural or man-made disaster, you can spin up the virtual machines that you need, using resources (RAM/CPU) on-demand. DRaaS solutions guarantee both your data and infrastructure are protected and ensures business continuity by replicating your servers and failing over to a secondary compliant disaster recovery site.

Where does Cyber Recovery fit in?

The purpose of DRaaS is to get operations back to a normal operating state, with minimal data loss; cyber recovery is about the business's survival, which means focusing on preserving the minimum data, applications, and infrastructure that are essential for the organisation's existence. Speed and availability are prioritised with DRaaS, while security and data integrity are the focus of cyber recovery.

A system that solves the DR problem isn't necessarily adequate for cyber recovery, as the differences in scope, replication frequency, threat exposure and storage and recovery locations make them two distinct problems.

One of the tools needed for cyber recovery, but not for DR, is an isolated, air-gapped backup environment. Customers should have a way to store essential data and applications in a low-access, secure, immutable repository separate from production and recovery environments, using Dell's Cyber Recovery vault as an example.

In the event of an attack, this data will help businesses to recover. A true logical air gap needs to be inaccessible and offline, not just in a different location. Otherwise, it can still be compromised by bad actors. Under this model, a firm’s data is online for an hour every few days at most.

Other vendors provide similar isolated storage tools. However, Dell's Cyber Recovery has an additional analytics component with CyberSense, which can scan the data within the vault for signs of cyber-attacks – so you can be sure of your data’s integrity at backup stage.

Cyber recovery forms an integral part of your overall cyber resilience strategy and is the next level of evolution in cyber security. It goes beyond prevention to assume the worst will happen and plan for it. This allows businesses to better detect, prevent or quickly bounce back after an attack.

From speaking with business leaders, many struggle to differentiate cyber protection and data protection as well as data back-up versus recovery. Our team at CAE has been helping companies to navigate this uncertainty by developing and scaling cyber recovery programmes and capabilities that meet the needs of an ever-changing cyber landscape.

Assess your cyber resiliency

Complete our free cyber resiliency assessment for a quick but comprehensive health check that measures your organisation’s ability to detect, respond to and recover from cyber threats. Based upon your evaluation and current score, we provide you with customised recommendations and valuable insights as well as actionable steps from trusted experts to help improve your cyber resilience today.

Get Cyber Assessment