Plaintext: Are You Confident in Your Backups?
Source: Caleb Woods via Unsplash

Plaintext: Are You Confident in Your Backups?

Welcome to Dark Reading in Plaintext, now available as a weekly newsletter. In this issue of Plaintext, we look ahead to World Backup Day. Backups aren't new tech by any stretch of the term, but they are as important as ever in today's security landscape.

Do You Know Where Your Backups Are? March 31 is World Backup Day (there really is a day for everything!). Ransomware attacks over the past few years have highlighted the risks of not having a robust backup strategy. It is also now clear that knowing how to effectively restore from backup is just as critical as having backups in the first place. If it's too hard or too time-consuming to recover from backups, then the organization may have no choice but to pay the ransom. Backups need to be redundant and diverse. "Data should be considered 'at risk' if it can't be found in at least three locations," according to Dr. Johannes Ullrich , dean or research at SANS Institute . Organizations should aim at maintaining an on-premise copy, a cloud or online-remote copy as well as an offline remote copy of critical data. ?

It also matters what is being backed up. Jamf's Michael Covington, Ph.D. notes that while backing up the phone or laptop is obvious, people don't always think about backing up cloud services. What if the cloud service provider goes offline, or even worse, goes out of business? How many organizations back up their source code? What if the account was compromised and the attacker deleted your data? A comprehensive backup strategy doesn't just consider device failure, but also risks in the infrastructure. And it goes without saying the backups have to be protected, too.

"[You] never want to see an immediate gain on backups because you're hoping that everything works out and you never have to resort to them. But you need a plan for that." ( Mark Loveless , GitLab)

Time to Go Back to School. How cool is this? A new state law will require students in North Dakota public and private schools to complete a class in computer science or cybersecurity in order to graduate from high school. “The idea is to teach them [students] appropriate use and basic fundamental knowledge,” North Dakota State School Superintendent Kristen Baesler told Government Technology. “This is information for their every day world that should be harnessed for good, not harm.” There are several initiatives bringing cybersecurity education to the K-12 crowd, such as the Girls Scouts and the National Cyber Challenge and Cybersecurity and Infrastructure Security Agency’s Cyber.org Range, but we always welcome more opportunities for young people to learn about cybersecurity.

What We Are Reading

What We Heard On-Air

Tune in to our on-demand webinar Building Out the Best Response Playbook for Ransomware Attacks for insights on developing ransomware response playbooks.

"If you get a ransomware note or demand, don't engage yourself. Get a trained negotiator." ( LeeAnne Pelzer, CISSP , consulting director, Palo Alto Networks)

From Our Library

Check out some of the latest reports from our?Dark Reading Library.

On That Note

Send us?your most creative cybersecurity caption for this month's Dark Reading Edge Cartoon Contest. Judges vote on the favorite caption this week!

A person on the floor building a domino structure using smartphones and tablets while another person holding a coffee mug looks on.
Dark Reading Edge Cartoon Contest for March 2023. By John Klossner
Steven Azar

Serial Entrepreneur

1 年

So mix

回复
KRISHNAN N NARAYANAN

Sales Associate at American Airlines

1 年

Thanks for sharing

回复
Kristofer Jovkovski

Internet/WWW pioneer,cybersec,emergency response,cognizant,spread of ideas,ideologies,geopolitics, neurolinguistics,mediator,opinions are not in any way a reflection of any business or government entity,way of the word

1 年

I totally agree - "Backups need to be redundant and diverse. "Data should be considered 'at risk' if it can't be found in at least three locations," according to Dr. Johannes Ullrich, dean or research at SANS Institute. Organizations should aim at maintaining an on-premise copy, a cloud or online-remote copy as well as an offline remote copy of critical data."

要查看或添加评论,请登录

Dark Reading的更多文章

社区洞察

其他会员也浏览了