Fantastic four

Eric Herzog, CMO at Infinidat, introduces the 'four steps to holistic enterprise storage cyber-resilience'

Digital technology continues to transform all aspects of our lives to the point that now, after employees, data is a company's most valuable asset. It means every data storage estate needs to be cyber resilient, able to thwart ransomware, malware, internal cyber threats, and other potential attacks without causing business disruption.

Security decision-makers inside companies usually equate security with firewalls, network, and edge protection. They focus on how to track the "bad guys" down once they have breached the firewall. No organisation wants to be hit by cyberattacks and yet cyber criminals are so sophisticated that there is an extremely good chance most will face an attack at some point. It is not so much if you will be attacked, but when and how often. When cyber criminals do attack, the average timeframe to identify and contain a data breach, according to security analysts, is 287 days. That is a huge amount of time to alter, destroy, or steal data - without arousing suspicion.

Traditional backup methods are no longer sufficient and resilience - the ability to bounce back quickly - is imperative. Cyber attackers will target primary storage and secondary storage - backups, replicas, and snapshots. So, storage needs to be an essential part of your holistic enterprise security strategy, to safeguard against attacks, guarantee data availability and enable comprehensive data restoration for business continuity.

Creating a holistic enterprise security strategy means re-evaluating the relationship between cybersecurity, storage, and cyber-resilience. Primary and secondary storage need to be protected, with measures ranging from air gapping to real-time data encryption to immutable copies of your data to instantaneous recovery. This is especially important for companies in regulated markets, such as financial services, pharmaceuticals, and healthcare, or publicly traded companies. But what does the storage component of your overall cyber security strategy look like?

On the primary storage front, do an analysis of your data to determine what data needs to be encrypted and what doesn't, then figure out how your protection needs keep your company in compliance.

On the secondary storage front, you need to decide what to do for modern data protection ('backups') and what to do from a replication/snapshot perspective for disaster recovery and business continuity. In this way, cybersecurity goes hand-in-hand with cyber-resilience.

4 STEPS TO EFFECTIVE STORAGE CYBER-RESILIENCE
1. Integrate modern data protection into the normal cycle of business, starting with a data protection assessment of the company's data sources.

2. Profile all datasets to establish what to protect and how. Each dataset brings a different value to the company and decisions about storage and protection need to factor in the category each piece falls into - and the value level it either provides or could cost the business.

3. Data needs to be air-gapped, including logical local and remote air gapping. Logical air gapping creates a gap between the source storage and the immutable snapshots, while remote air gapping sends data to a remote system.

4. Create a fenced forensic network to provide a safe location for complete analysis of backup datasets and to identify a copy of the data that is free from malware or ransomware and can be safely restored.

When a security incident happens, follow these best practice steps:

  • Ensure primary storage is clean
  • Identify a potential good copy of the data and backup datasets
  • Set up a fenced network and move the potential copy to that network
  • Make sure there is no ransomware or malware on the data before executing the recovery to your primary servers and storage infrastructure
  • Recover the data
  • Continue the process for all appropriate datasets.

More info: www.infinidat.com/en/use-cases