Adopt A Growth Mindset for Cyber Resilience

Prepare. Rehearse. Refine. Adapt.

Are you ready to recover from a cyberattack?

This is an essential question—not just for your team but also for your peers. Is your entire organization prepared for a cyberattack? If it happened tomorrow, would there be panic? Are roles and responsibilities clear?  Or would your business go down?

Being resilient and recovering quickly requires preparation across people, processes, and technologies. However, your team must adopt a growth mindset culture to fight today's rapidly evolving cyberattacks. What do I mean by that?  There is no one-size-fits-all solution against cyber threats; the only constant is change. Mitigating threats requires a passion for learning, curiosity to explore new concepts and commitment to evolve. To stay ahead of the ever-evolving threat landscape, develop proactive plans, test them, rehearse, refine as needed, and adapt learnings. Then, repeat the process again and again.

Why?

Cybercriminals today bank on the fact that your organization is unprepared for a cyberattack. Most are. They prey on your weaknesses and gaps. Cybercriminals expect you haven't put in the time, thought, and practice needed to recover quickly. If you think about it from their perspective: cybercriminals go for your backups, as they know that is often your last line of defense. They know if they take out your backups, then you are out of recovery options, and you are more likely to pay the ransom.

Generative AI Fueling Record Number of Attacks This Year

This year continues an AI-powered surge in cybercrime with new tactics like social engineering aimed to steal credentials. How? Phishing. Vishing. Deepfakes. Sure, phishing is old news. It has been around for decades. But what about AI-powered phishing? Convincing and natural-sounding text messages from your team? Maybe a voice memo from your  CEO? Or an entire Zoom call with deepfakes of all your colleagues? Today, assisted by GenAI, bad actors can more efficiently and precisely initiate social engineering at scale. Once cyber criminals obtain your usernames and passwords, they can just log in and compromise your systems. Last year, 74% of breaches involved a human element, such as social engineering attacks, errors, or misuse.[1] ​This is a 71% year-over-year increase in the volume of attacks using 100% valid credentials.[2]

And that’s not all. With the increasing adoption of large language models and Generative AI in the technology stack, organizations are increasingly vulnerable to attacks targeting Generative AI infrastructure including prompt injection, data poisoning, and data leakage.

The evidence is there, and it is time to prepare and adopt a growth mindset culture in your organization to be cyber-resilient in 2024 and beyond.

Your Blueprint: Prepare. Rehearse. Refine. Adapt.

Prepare

Just like the Boy Scouts’ motto, “Be Prepared.”  It is your secret weapon. Start with a Cyber Recovery Plan that includes these foundational best practices:

• Implement the 3,2,1 Backup Strategy. Keep three copies of your backups on two different media, with one copy offsite or isolated, including virtual and/or physical air gap and SaaS isolation.

• Enable security controls, including Multi-Factor Authentication (MFA), Multi-Person Authorization (MPA), Privileged Access Management (PAM), Role-Based Access Control (RBAC), Encryption (both in flight and at rest) and other robust defenses.

• Implement Appliances that are purpose-built and hardened.

• Enable AI-powered Anomaly Detection, alerting you to abnormal events outside the usual baseline.

• Turn on Malware Scanning and retention rules.

• Update Software and Security Patches regularly.

• Ensure solid protection plans and retention policies for all workloads. You should tie these policies to SLAs, RTOs, and RPOs, and all the necessary teams and business stakeholders should be aligned.

• Store leveraging Immutable Storage.

Rehearse

Focus on rigorous testing once fundamentals are in place. Practice makes perfect. Words I heard through most of my childhood are still true today. Especially in organizations when swift, coordinated and rapid response is required for recovery. This helpful blog contains some great tips and strategies for bringing your cross-functional teams together, Cybersecurity is a Team Sport. Once you have your cyber recovery plans and fundamentals in place, it is important to run comprehensive tabletop exercises to validate the effectiveness of recovery operations across teams, technologies and processes.

At Veritas, we rehearse and restore to a sandbox environment without impacting the production environment. This is by design. One of the reasons organizations are so terrible at testing their DR and Cyber Recovery plans is that they’re disruptive to production. But not with Veritas. Also, it’s important to note that you can choose to test a smaller size footprint during DR and deploy the full-sized DR environment during actual recovery.

Remember, test early and test often! I suggest keeping your teams on their toes with surprise simulations, gamification, and role-playing activities.

Refine

Some may call it agility; others, continuous improvement. I prefer growth mindset. Regardless of what you like to call it, success in today’s cybersecurity landscape requires a culture of consistent learning. Cybercriminals innovate to stay ahead, so cyber resiliency teams should, too—each test or rehearsal yields helpful learnings, like security vulnerabilities or failed backups. Teams may discover sensitive data or unnecessary access rights, preventing rapid recovery. They may also improve critical thinking, mitigation strategies, or cross-functional communications, essential for speed during high-stress recovery. Remember, cybersecurity today is a journey, not a destination.

Here are some helpful tips:

• Develop recovery runbooks, prioritize the order of operations, and update them regularly

• Adjust data protection policies to drive 100% backup success, in accordance with SLAs

• Create an isolated recovery environment (IRE or clean room)

• Implement Al-powered anomaly detection and fine-tune to eliminate false positives/negatives. Your solution should be able to detect anomalies in both data and user behavior.

• Adopt solutions that leverage intelligence to take proactive steps. For example, the Veritas Adaptive Self-Defense Solution, which automatically deploys security measures like adaptive multifactor authentication (MFA) and adaptive multi-person authorization (MPA) to safeguard both protected data and the security of the data protection platform from cyberattacks.

• Integrate with SecOps and establish incident response playbooks
  (e.g. SIEM / SOAR / XDR integration)

• Embrace GenAI with solutions like Alta Copilot that empower and elevate your teams from mundane, overly complex, or labor-intensive tasks.

Adapt

Often overlooked, this is a crucial part of your cyber resilience strategy. Make the necessary changes. Seek feedback. Apply change management. Fix the problems. Be open to new strategies.  Patch and update the software. Refine your challenging processes. Continue to meet and align regularly throughout your organization, especially including and informing your top-level executives. 

How to Remove Doubt: The Cyber Recovery Checklist

Check out the Cyber Recovery Checklist for a comprehensive list of foundational security and data protection controls and best practices.

Want ongoing insights on enterprise-grade cyber resilience?  Subscribe to the Veritas Cyber Resiliency Newsletter on LinkedIn.