Security News

In the cybersecurity world this is known as disaster recovery planning, crisis management, or backup and recovery policy. Regardless of the name, it all boils down to pre-incident planning that creates a tested and robust process for the recovery of an IT network and, ultimately, a return to business-as-normal.

LastPass says attackers got users' info and password vault dataThe information couldn't come at a worst time, as businesses are winding down their activities and employees and users are thick in the midst of last-minute preparations for end-of-year holidays. New Microsoft Exchange exploit chain lets ransomware attackers inRansomware-wielding attackers are using a new exploit chain that includes one of the ProxyNotShell vulnerabilities to achieve remote code execution on Microsoft Exchange servers.

There's no end - or restored data - in sight for some Rackspace customers now on day 12 of the company's ransomware-induced hosted Exchange email outage. Rackspace did not say if or when it expects to recover people's data that was lost or scrambled when ransomware hit its systems - an attack that took down some of Rackspace's hosted Microsoft Exchange services on December 2.

In this Help Net Security video, Chip Gibbons, CISO at Thrive, illustrates the differences between a business continuity plan and a disaster recovery plan. A business continuity plan refers to how a business continues to operate when key systems are down or an outage occurs.

Every organization should have a business continuity plan, and a key component of your business continuity policy should be regional disaster recovery, which places a secondary IT environment far enough away from your primary site that it won't be affected by the same disaster. Why you should meet regional recovery needs with Kubernetes.

Illumio released The Zero Trust Impact Report, a research on market perspectives of zero trust strategies and the business impact of segmentation technology. Zero trust is now the standard: 90 percent state that advancing zero trust strategies is one of their top three security priorities this year as a way to improve cyber resiliency and reduce the rising threat of attacks turning into disasters.

Cybersecurity company Illumio as part of their "Zero Trust Impact Report" found that leaders that employ zero trust architecture thwart five major cyberattacks per year, saving their organizations an average of $20 million annually. "Catastrophic breaches keep happening despite another year of record cybersecurity spending," said PJ Kirner, Illumio co-founder and CTO. "I'm shocked that nearly half of those surveyed in The Zero Trust Impact Report do not think a breach is inevitable, which is the guiding principle for Zero Trust, but I am encouraged by the hard business returns Zero Trust and Segmentation deliver."

Zerto recently commissioned IDC to conduct a major ransomware and disaster preparedness survey, which revealed that 79% of respondents have activated a disaster recovery response within the past 12 months. 61% of these incidents were triggered by ransomware or other malware with 60% of organizations reporting they had experienced unrecoverable data during that same time-substantially more than the 43% response rate to the same question a year ago.

Our only choice was to create and manage our own snapshot repository and snapshots. The initial snapshot for our largest domain took over 1.5 hours to complete and all subsequent daily snapshots took minutes!

If you breathed a sigh of relief after dealing with the Log4j vulnerability last year, here's some bad news. There are further equally nasty zero day vulnerabilities to come, so now is not the time to relax.