Recently, Commvault released the State of Data Readiness Report, which surveyed more than 400 leaders from across Australia and New Zealand. Executives believe their companies must recover within 24-48 hours. IT and security teams put a realistic estimate at five to seven days. The actual global average is about 24 days offline.
I sat down with Martin Creighan, Vice President, Asia Pacific at Commvault, to discuss key findings of the report.
“It’s no longer really a matter of if you get breached,” Creighan said. “It’s a matter of you’re going to get breached and then, how bad, and how long it takes you to recover.”
After an attack, figuring out exactly when and where criminals entered can take up to two weeks, or sometimes far longer. Why? Because the average attacker hides undetected in systems for close to 200 days or longer before striking. Many businesses think they run recovery tests, but ticking boxes isn’t the same as simulating a real, high-stress recovery scenario. That gap between theory and practice is where the shortfall shows. Even with a clean backup, restoring applications and their dependencies is arduous, especially when documentation is missing and interconnections aren’t understood. Creighan cites a global average cost per breach nearing US$4.8 million (AUD$7.3 million), not including the blow to customer trust and brand reputation, which has been evident across Australia and other parts of the world after breaches.
With new regulations like Europe’s DORA and Australia’s updates to CPS 230 and 234, companies are now legally required to demonstrate not just that they can recover, but that they actively test those capabilities.
“It’s a great shift,” Martin said, noting a new seriousness among CFOs and boards, who now see cyber resilience as fundamental to business continuity rather than a technical side quest.
Chasing ‘shiny new toys’ is common across the industry, and it is easy to lose sight of fundamentals and become distracted. The basics can feel cumbersome, but neglecting them presents a risk: companies let foundational data protection and recovery practices slide. Martin’s advice is not to become distracted. The often-mentioned basics include data management, backup and testing; they might not be glamorous, but they are what keep businesses afloat when disaster strikes.
“We’ve seen customers that haven’t been breached think it’ll never happen to them,” he warned. “But the ones that have been through an attack are twice as prepared and twice as likely to invest in mature recovery processes.”
The constant question facing IT departments and boards is how to prepare for a disaster you can’t predict.
“Practice makes perfect. Put testing and real-world recovery simulations at the top of your priorities.”
The largest global companies are starting to get it and are shifting towards continuous business, which is now among their top three board-level priorities.