This is a great article! Preach it, Justin Blake.
I think I may have mentioned this before: any good DR/Resiliency plan absolutely must include security as part of planning, budgeting, testing, and execution to be successful, potentially saving billions of dollars and thousands of jobs.
"Why, Matt Johnson, are you on your soapbox again?" you're saying. Well, here's why: ransomware, crypto-mining, and phishing (oh my).
Think about the sheer, unencumbered time that most negative actors have to be able to recon and act in most environments before flipping the switch on ransomware on all your critical infrastructure.
When that negative actor has had not days or weeks but months to years to reach as far as they can into your organizational IT, does your retention schema even begin to cover that? Does the risk to your organization when they encrypt your business-critical systems constitute an existential threat, also known as a disaster?
I'd love it if these were rhetorical questions, but they're not. As much as we talk about breaking down silos in IT, they're still alive and kicking. Silos cause gaps. Gaps cause risk because literally every gap is an exploit point. Exploit points allow ingress. Ingress causes a man-made disaster, which we know well can have more far-reaching consequences than natural disasters.
Without visualization, and dynamic security segmentation as an intrinsic part of your overall security plan, you are open to long-term risk to your IT organization. Without those three things as a dynamic and integrated part of your DR/BC/Resiliency plan, your entire company is at risk.
So, what're you going to do? Sit in your silo and hope for the best? Or reach out to your peers across the way and start building true resiliency for your career, your organization, and your company?
I know which one I'd choose, even though it might mean talking to those guys...
That's all for now! Thanks for the read.
PS- the image? Because once found, I couldn't not share it with you!
Cybersecurity threats like ransomware and DDoS attacks are more frequent, complex, and damaging than ever, having increased by more than 40% in the last two years and causing an average of over 16 days of downtime.