“Give me your gut!” (as in “gut feeling”) has long been the cry of business continuity management in meetings, trying to make sense of complex situations or cut through to the essentials.
Industry Hot News (7050)
According to a recent Kaspersky Lab report, attackers who demand a ransom in return for not launching a DDoS attack (or to call off an attack in progress) can earn thousands of dollars in bitcoins, enabling the profitability of such attacks to exceed 95 percent.
"And the fact that the owners of online sites are often willing to pay a ransom without even checking whether the attackers can actually carry out an attack (something that other fraudsters have already picked up on) adds even more fuel to the fire," the report notes.
DDoS attacks, according to the report, can cost anywhere from $5 for a 300-second attack to $400 for a 24-hour attack.
While data backup and replication have their similarities, they are not the same, and rather than competing with one another can be used as complimentary tools to maximise the efficiency of an IT environment.
Data backup is the process of taking a copy of data at a fixed point in time and storing it for a set time frame (retention) in an alternate location to its original source.
Backups are typically used to make sure regulations and compliance around data protection are being met, and to protect against data loss.
Business analytics are often suggested as the “cure” for gut feeling.
Instead of trying to deal with emotions or personal preferences, the idea is to use facts as the basis for decision.
As I’ve said many times, cybersecurity seems to be more about reacting than acting or being proactive. Now, a new study by 1E found that, in fact, IT professionals spend a third of their time reacting to emergencies.
Nearly 30 percent of the IT tasks are unplanned, which works out to be about 14 weeks of job time per year. More than half of the respondent admit that a problem that is found relatively quickly (within an hour) can take most of the day to resolve.
While this study looks at IT as a whole, it fits into the scope of security, as well. Think of the amount of downtime that is caused by a security incident and how long it takes you to get the company up and running properly again, or how long it takes to resolve that incident. Then ask yourself if you were prepared to address the security incident. Again, I think the formal statement that Sumir Karayi, founder and CEO of 1E, made is as applicable for security as well as overall IT functions:
We knew that IT teams spend a lot of time on unplanned incidents, but we didn’t think it was this high – one third of their time. That’s taking a huge toll on their ability to innovate.