KUALA LUMPUR: With data volumes surging, organisations must prioritise the resiliency of their data infrastructure. According to Hitachi Vantara Chief Technology Officer for APAC, Matthew Hardman, the evolving digital environment demands robust measures to protect critical information, necessitating a proactive data management and security approach.
“Many organisations are not fully prepared for the risks posed by cyberattacks and outages. The key to prevention and business continuity lies in having a well-defined data resiliency strategy in place,” he said, following the major information technology (IT) outage on July 19, which affected a large number of businesses and governments worldwide, as it involved 8.5 million devices throughout the globe.
“We saw disrupted services and operations across multiple industries, but those hit hardest would have been the businesses that are heavily reliant on uninterrupted computer functionality,” he opined, adding that the businesses in question include banking, healthcare, airlines, emergency services and retail.
Hardman provided an example of financial services and online banking services that were taken offline, which would cause delays in patient care in settings where patient records were not accessible – not to mention the flight delays and cancellations worldwide.
Explained further, Hardman said the interconnectedness of these industries meant that the outage had a domino effect, whereby one firm going offline meant that other organisations reliant on them also had to stop operations.
“Suffice to say, the impact was already significant and we may only be seeing the tip of the iceberg of what the real overall impact of the outage has been (or could be).
“Ultimately, the incident underscores just how reliant the world is on interconnected technologies and the need for more robust cyber resilience strategies,” he added.
Preventing future incidents
Hardman said data resiliency is an organisation’s ability to recover from data breaches and other losses, enact business continuity plans quickly, and implement stronger data protection measures moving forward.
“It is critical to prioritise data resiliency by implementing best practices in this area,” he said.
Businesses can fortify their defenses and warrant service steadiness through several key strategies and should take stock of their current level of cyber resilience, data protection, and overall operational resilience.
This, he said, might involve working with internal experts or a trusted partner to assess their on-premises, hybrid cloud, or fully cloud-based environments.
Other than the said strategies, he said that having a backup and recovery plan with security measures in place is ‘a good start’, but it is not enough for data resiliency.
“A truly resilient infrastructure requires data immutability, consistent deployment processes, and the ability to withstand unexpected system failures,” he said.
Organisations need a data resiliency plan encompassing their entire environment both on-premises and in the cloud.
Collaboration across the organisation is essential, including addressing shadow IT (unauthorised use of IT applications and devices).
“While there is a lot to consider, a trusted data infrastructure expert can support businesses in implementing strategic solutions to improve current data resiliency posture at any stage. Regularly refreshing and rehearsing IT outage response plans are crucial in the digital age,” he said.
“Hence, partnering with such an expert allows businesses to identify vulnerabilities and determine the necessary steps to ensure proper data protection, compliance and cyber resilience,” Hardman concluded.
Cybersecurity Should Not Be Underestimated
Meanwhile, BMI Senior Power and Renewables Analyst, David Thoo said that the power sector should not be undermined when it comes to cybersecurity, given the implications.
Whether in renewables or traditional energy, Thoo emphasised that the power sector would always be a target of cyberattacks and as the adoption of renewable energy increases, this could mean that more plants and systems are being targeted.
“The main targets of cyberattacks are critical infrastructure including utility networks and power plants. If these attacks can bring networks or power plants offline by infiltrating controls, it will result in major blackouts,” Thoo said.
The world is rapidly ramping up its renewable energy capacity in line with ambitious climate pledges.
The accelerated transition to green energy comes with new challenges, including concerns about the increasing use of electricity use from renewable sources, which could create new opportunities for cyberattacks.
The Malaysian government, through the Malaysia Cyber Security Strategy 2020-2024, has identified 11 Critical National Information Infrastructure (CNII) sectors – including the energy sector – that must be protected and preserved to ensure the security of the nation, its economy and the public’s health and safety.
