When your organization’s infrastructure is responsible for providing critical infrastructure services to the public, cyberattacks have widespread, potentially devastating, and highly visible consequences not only for your team and customers – but also for the public.
After an attack you can certainly restore from data backups. But you’ll still have downtime until you have identified and disarmed the source of ransomware. Depending on your backup process this phase can be tedious and slow.
Cyber resiliency is a critical requirement for any organization that provides critical infrastructure services. This means that all phases of an attack an organization must continue to operate and support critical operations.
The DarkSide Ransomware attack against the Colonial Pipeline highlights the need for organizations to focus on all three phases of a cyberattack. Organizations must recognize that they are always in one of these phases.