Exploring Passive Survivability: Bracing for a Security Attack
Security attacks continue to be on the rise as threats like ransomware grow more mature and complex. Although preventing ransomware attacks may seem near impossible, there are tools and infrastructure best practices that make recovering from a cyberattack less painful.
In a recent article with Infosecurity Magazine, Robert Rhame, Director of EMEA Product Marketing at Rubrik, explores the passive survivability model and how this framework can enable your team to bounce back from a successful attack. Let’s take a quick look at this model and how, according to Rhame, it can prepare your team.
A version of the article excerpted below originally appeared in Infosecurity Magazine.
Design Your Infrastructure Like a Ship
When it comes to preparing for a threat that you can’t stop, your infrastructure must be designed in such a way that an attack, although damaging to your business, does not cause all of your operations to sink.
Like a modern battleship, your infrastructure should be built with inherent resiliency. This resiliency is different from traditional network segmentation and should be thought of as failure compartmentalization. The prevalence of the cloud, mobile, SaaS, and IoT devices means that organizations can no longer focus on securing the perimeter; instead, they must compartmentalize their infrastructure in a passively survivable way that acts as a safety net when an attack occurs.
Prioritizing Is Paramount
Infosec and operations teams need to meet and plan for an attack scenario before a breach occurs. This includes planning response tactics to threats, as well as enlisting a suite of tools that prevent and detect attacks and make the recovery process simpler. Moreover, after a breach occurs, the same teams need to focus on remediating the attacks in the areas most critical to the business, weighing the benefits and challenges of prioritizing one over another.
Backing up Means Bouncing Back
Can you rely on your backup in the event of a cyberattack? To prepare for a ransomware attack, it’s important to examine your existing architecture, compartmentalize and isolate your backup infrastructure, and make data immutable. Ask yourself these questions to quickly gauge if your infrastructure is ready:
- Can you bootstrap critical infrastructure such as AD, DNS, and time servers? How quickly?
- Does your backup let you instantly recover?
- Can you use an automation tool to identify where attackers have hit, including where and when an attack occurred and the steps needed to recover?
- Are you able to replicate and recover a clean version of a compromised file from before the point of an attack?
Passive survivability is not a replacement for prevention. Protecting a business from a cyberattack requires preparation long before an attack actually occurs. A large component of passive survivability includes developing a cyberattack safety net that incorporates tools and processes designed to get you back on your feet quickly.
Get more insight into how your team can embrace passive survivability in the face of a cyberattack in Robert’s article here.