Plaintext: Are You Confident in Your Backups?
Welcome to Dark Reading in Plaintext, now available as a weekly newsletter. In this issue of Plaintext, we look ahead to World Backup Day. Backups aren't new tech by any stretch of the term, but they are as important as ever in today's security landscape.
Do You Know Where Your Backups Are? March 31 is World Backup Day (there really is a day for everything!). Ransomware attacks over the past few years have highlighted the risks of not having a robust backup strategy. It is also now clear that knowing how to effectively restore from backup is just as critical as having backups in the first place. If it's too hard or too time-consuming to recover from backups, then the organization may have no choice but to pay the ransom. Backups need to be redundant and diverse. "Data should be considered 'at risk' if it can't be found in at least three locations," according to Dr. Johannes Ullrich , dean or research at SANS Institute . Organizations should aim at maintaining an on-premise copy, a cloud or online-remote copy as well as an offline remote copy of critical data. ?
It also matters what is being backed up. Jamf's Michael Covington, Ph.D. notes that while backing up the phone or laptop is obvious, people don't always think about backing up cloud services. What if the cloud service provider goes offline, or even worse, goes out of business? How many organizations back up their source code? What if the account was compromised and the attacker deleted your data? A comprehensive backup strategy doesn't just consider device failure, but also risks in the infrastructure. And it goes without saying the backups have to be protected, too.
"[You] never want to see an immediate gain on backups because you're hoping that everything works out and you never have to resort to them. But you need a plan for that." ( Mark Loveless , GitLab)
Time to Go Back to School. How cool is this? A new state law will require students in North Dakota public and private schools to complete a class in computer science or cybersecurity in order to graduate from high school. “The idea is to teach them [students] appropriate use and basic fundamental knowledge,” North Dakota State School Superintendent Kristen Baesler told Government Technology. “This is information for their every day world that should be harnessed for good, not harm.” There are several initiatives bringing cybersecurity education to the K-12 crowd, such as the Girls Scouts and the National Cyber Challenge and Cybersecurity and Infrastructure Security Agency’s Cyber.org Range, but we always welcome more opportunities for young people to learn about cybersecurity.
What We Are Reading
领英推荐
What We Heard On-Air
Tune in to our on-demand webinar Building Out the Best Response Playbook for Ransomware Attacks for insights on developing ransomware response playbooks.
"If you get a ransomware note or demand, don't engage yourself. Get a trained negotiator." ( LeeAnne Pelzer, CISSP , consulting director, Palo Alto Networks)
From Our Library
Check out some of the latest reports from our?Dark Reading Library.
On That Note
Send us?your most creative cybersecurity caption for this month's Dark Reading Edge Cartoon Contest. Judges vote on the favorite caption this week!
Serial Entrepreneur
1 年So mix
Sales Associate at American Airlines
1 年Thanks for sharing
Internet/WWW pioneer,cybersec,emergency response,cognizant,spread of ideas,ideologies,geopolitics, neurolinguistics,mediator,opinions are not in any way a reflection of any business or government entity,way of the word
1 年I totally agree - "Backups need to be redundant and diverse. "Data should be considered 'at risk' if it can't be found in at least three locations," according to Dr. Johannes Ullrich, dean or research at SANS Institute. Organizations should aim at maintaining an on-premise copy, a cloud or online-remote copy as well as an offline remote copy of critical data."