Cyber Security Insights for Resilient Digital Defence

Veeam expands data resilience for Microsoft 365

Veeam Software, a data resilience specialist, has announced the release of Veeam Backup for Microsoft 365 v8, delivering comprehensive and flexible immutability for Microsoft 365 data. Organisations can now ensure their Microsoft 365 data is resilient by employing a zero-trust, multi-layered immutable strategy, ensuring that backup data is safe from potential changes or deletions so that its original integrity stays intact. Currently protecting more than 21 million Microsoft 365 users, Veeam safeguards customers’ critical Microsoft 365 data to ensure that their business keeps running no matter what happens. "Losing the critical data, files and communications housed in Microsoft 365 is a catastrophic scenario for any organisation," says John Jester, CRO at Veeam. "That’s why we’re protecting over 21 million users today, more than any vendor in market, making Veeam the number one data resilience solution for Microsoft 365. "Veeam Backup for Microsoft 365 v8 ensures that despite expected cyber-attacks and data disruptions, organisations have ready access to critical business information to ensure business continuity. Now with the most comprehensive backup immutability for Microsoft 365, this release includes new architecture designed for efficiency and scale, as well as added support which is based directly on customer requests.” Veeam Backup for Microsoft 365 v8 combines immutable backups with existing immutable copies, delivering total defence for organisations’ backups. It provides the flexibility to store backup data on any object storage, including Azure Blob Storage, Amazon S3, IBM Cloud Object Storage, or S3-compatible storage. In addition to enhanced immutability, Veeam enables increased enterprise scale and efficiency with Veeam Proxy Pools. This architectural update boosts backup processing speed by distributing traffic across multiple proxies. By intelligently sharing the load and staying under the radar of throttling, enterprises can achieve better backup performance and efficiently scale up large environments with tens of thousands of users. Responding to customers, Veeam has expanded its support with several new features. Organisations now have the ability to use Linux-based backup proxies, providing more choices and a lower total cost of ownership. Additionally, Veeam Backup for Microsoft 365 v8 now supports private and shared Microsoft Teams channels, offering comprehensive protection for this popular communication and collaboration platform. Key features of Veeam Backup for Microsoft 365 v8 include: • Comprehensive immutability: The most comprehensive backup immutability for Microsoft 365 on the market. • Enterprise scale: Purpose-built architecture designed to handle the largest enterprise datasets. • Added support: Private and shared Teams channels, Linux-based backup proxies, and MFA access to the UI. Learn more about the new Veeam Backup for Microsoft 365 v8 and discover how organisations of all sizes can keep their data secure, protected, and accessible during the VeeamON Data Resilience Summit, taking place virtually October 1 (AMER and EMEA) and October 2 (APJ). Register now for free by clicking here. For more from Veeam, click here.

Logpoint and Advitum partner to advance cyber defences

Logpoint has announced a new strategic partnership with Managed Service Provider (MSP), Advitum, with the intention of helping to boost security for organisations in Sweden. Advitum is creating a log management and security service based on Logpoint to offer log management, threat detection, investigation and response (TDIR), and compliance capabilities. “We’re thrilled to partner with Advitum to help Swedish organisations advance their defenses against cyber threats and demonstrate compliance,” says Fredrik Jubran, Logpoint Regional Manager MSSPs. “Advitum is a very capable MSP with great customer satisfaction, and we’re proud to join forces with it to alleviate Swedish organisations of pressing cybersecurity challenges, such as expanding data and cybersecurity regulations and the shortage of qualified experts in the field.” Founded in Kalmar in 2010, Advitum is an MSP with dedicated security services, ensuring customers have complete control and the ability to combat cyber threats. Adding Logpoint Security Information Event Management (SIEM) gives Advitum the resources to add more value to customers with a service built around log management, TDIR, and compliance. Advitum can manage the solution locally to increase data protection. “We work with several critical infrastructure organisations, facing high requirements for visibility and the ability to report IT incidents,” says Markus Persson, Advitum CEO. “Currently, small and medium-sized Swedish organisations are struggling to either build a SOC or buy a SOC or Managed Detection and Response (MDR) service. Combined with regulations and how cybercrime is accelerating, our partnership has a lot of potential to help address that. “Logpoint has a flexible solution, working across premises, which means that our customers can have certain parts in the cloud or go with a completely on-prem-based solution. In addition, Logpoint is a supplier that can adapt and is very close to its customers and partners, which is crucial for us.” Logpoint is Europe’s largest SIEM vendor, offering solutions to collect and analyse security data to help organisations detect, investigate, and respond to cyberattacks faster and comply with NIS 2, GDPR, and other data and cybersecurity regulations. Logpoint is the only European SIEM vendor with a Common Criteria EAL3+ certification, demonstrating high data protection and robust systems geared to withstand current and emerging threats. For more from Logpoint, click here.

Kiteworks Private Content Network vision validated by investment

Kiteworks, a provider of secure content communications, has announced a $450 million (£348m) growth-equity investment from global software investors, Insight Partners and Sixth Street Growth. The investment, a partial liquidity event, will reportedly strengthen Kiteworks’ market position in secure data transfer and collaboration as the only security platform authorised by FedRAMP to provide unified support for file sharing, managed file transfer, and email data communications to meet a broad range of global compliance requirements.Jonathan Yaron, CEO and Chairman of Kiteworks, states, “This minority stake investment affirms Kiteworks’ role in providing a revolutionary solution to the world’s growing challenge of tracking and controlling sensitive data in motion and use. With recent ground-breaking innovations such as Next-Gen Digital Rights Management, combined with the growing industry and regulatory focus on tracking and controlling the data layer, the road to realising our vision has never been clearer. We’re excited to accelerate our growth and continue innovating to meet the evolving needs of our customers with the support of Insight Partners and Sixth Street Growth.”The new investment comes as organisations face an expanding cybersecurity risk due to complex third-party ecosystems and an increasingly stringent compliance landscape. Cybercriminals are targeting sensitive content in growing numbers, with supply chains offering significant opportunities for malicious actors. Meanwhile, compliance regulations such as CMMC, NIS 2, and HIPAA demand robust data protection measures.The Kiteworks PCN addresses critical cybersecurity challenges facing organisations worldwide by unifying the primary content communication channels of file share, file transfer, managed file transfer, email, APIs, and web forms into a dedicated secure platform. The investment from Insight Partners and Sixth Street Growth not only validates the company’s vision, but also signals a broader recognition of the essential role that secure content communication plays in today’s digital landscape. As cyber threats evolve and regulatory environments become more complex, Kiteworks stands ready to help organisations worldwide safeguard their most valuable digital assets.Eoin Duane, Managing Director at Insight Partners, comments, “We were immediately impressed by Kiteworks’ exceptional growth and innovative approach to securing content communications. In today’s complex digital landscape, Kiteworks addresses a critical market need and stands out as a leader in providing effective solutions that significantly improve risk management. We’re excited to partner with the Kiteworks team as they continue to help shape the future of cybersecurity.Alex Katz, Managing Director at Sixth Street Growth, adds, “Jonathan and the Kiteworks team are proven innovators and have architected a platform which is purpose-built to meet the challenges of the most secure and compliance-sensitive organisations. We’re excited to support their continued success and help Kiteworks capitalise on the significant market opportunities ahead.”Eoin Duane and Peter Sobiloff from Insight Partners and Alex Katz from Sixth Street will join the Kiteworks board of directors. For more from Kiteworks, click here.

DDoS attacks have surged by 106%, data reveals

Zayo Group, a global communications infrastructure provider, has released its latest bi-annual Distributed Denial of Service (DDoS) Insights Report, which includes details of a 106% increase in attack frequency from H2 2023. The report also found that an average DDoS attack now lasts 45 minutes - an 18% increase from this time last year - costing unprotected organisations approximately $270,000 (£210,000) per attack at an average rate of $6,000 (£4,700) per minute. It takes very little time, expertise or investment to run a DDoS attack, and with the AI boom, bot-based attacks have made it even easier to attack more often, in a more sustained manner, and with more requests per second. Beyond intensifying frequency and duration, AI is also driving the increased pervasiveness of DDoS attacks across many industries. In fact, for the first time in this report’s history, HR and staffing, legal and consulting, and transportation firms surfaced as victims of the top 10% of the largest DDoS attacks seen. Tema Hassan, Senior Product Manager at Zayo Europe, says, “Recent trends in Distributed Denial-of-Service (DDoS) attacks in Europe reveal a significant escalation in both frequency and sophistication. The number of attacks has surged, driven largely by geopolitical conflicts. This has led to an increase in attacks on critical sectors like financial services, telecommunications, and internet service providers, which are vital to national infrastructure. “New attack techniques, such as those exploiting vulnerabilities in modern web protocols like HTTP/2, have emerged, adding complexity to the threat landscape. Traditional methods like DNS-based attacks also remain prevalent and have grown in scale. In response, countries within Europe are implementing stricter cybersecurity regulations to bolster defence mechanisms against these evolving threats.” Max Clauson, SVP of Network Connectivity at Zayo, adds, “As we predicted last year, DDoS attacks in the age of AI have become more persistent and frequent across all industries, and our latest report confirms this heightened level as the new norm. What’s worse, if this trend continues, we expect attacks could increase another 24% by the end of the year. The only way to fight back is to add protection to your tech stack. When your business is protected, attackers have no other option but to move on to find an easier target.” Key findings by industry: • Telecommunications companies are still the most-targeted industry, making up 57% of all attacks. Other familiar industries experiencing the most frequent attacks include education (19%), manufacturing (5%), and cloud/SaaS (5%).• Manufacturing has replaced retail as the industry facing the largest DDoS attacks, followed by healthcare (up 128.5% compared to H1 2023). Not only did this industry experience a 308% increase in attack duration from 2023 to 2024, these companies also suffered a 200% increase in DDoS attack size.• Government entities continued to be the victims of the longest duration attacks, with an average attack time of over six hours. This is up 41% from the H1 2023. For nearly 30 years, DDoS attacks have been effective and the introduction of AI to deploy and elevate these attacks is only allowing them to evolve, growing more powerful, subversive, and frequent. Zayo says that every business must understand that it is a target, regardless of industry or size. The financial and reputational damage caused by DDoS attacks can be devastating, leading to significant revenue losses and long-term harm to brand trust. Additionally, the cost of mitigating attacks and restoring services is substantial, draining resources that could be better spent on growth and innovation. The only fighting chance businesses have is to implement a proper network protection strategy, Zayo tells us. To view the full report and learn more about how Zayo can help protect your business from cyber attacks, click here. For more from Zayo, click here.

DTX + UCX London is back for 2024

DTX London, the UK’s leading digital transformation event, has announced its doors will open on 2-3 October 2024, for what is set to be one of the most exciting technology exhibitions of the year. To maximise the experience, DTX will be co-located with Unified Communications EXPO (UCX) - the UK’s biggest show for colleague and customer communications, plus Digital Commerce Expo - which explores the technologies revolutionising customer experience. DTX + UCX will welcome decision makers from the biggest brands in the UK, including Lloyds, BT, Microsoft, DWP, Booking.com and Deliveroo. These forward-thinking organisations will take centre stage, offering insights into how they are harnessing technology and data to drive forward their digital agendas whilst putting trust and security at the heart. The event will be a hotspot to get involved in and learn about today’s most important digital conversations, with exclusive panels, workshops, technical deep-dives and community meetups. Whether it’s AI, cyber security, DevOps or cloud, DTX provides insights across the entire technology stack, with UCX covering unified communications and collaboration tools for both colleague and customer experience. The events combined will provide visitors with ideas, case studies and unrivalled knowledge from those at the forefront of digital transformation - all under one roof. The event has been designed around today’s most topical issues and its audience will gain unique insight around how to: • Master the art of continuous reinvention to keep up with tech advancements• Modernise IT tool stacks, maximise legacy infrastructure and reduce tech debt• Cut through the noise and identify the AI use cases for your business• Architect your way to next-gen software engineering and delivery whilst improving DevX• Establish responsible frameworks for data and AI through effective governance and architecture• Build a secure ecosystem that is responsive to today’s threat landscape• Educate and empower colleagues with the latest communications and collaboration tools• Meet changing customer demands for interaction and engagement• Streamline your IT service desk for faster and more intuitive responses• Attract and retain the best and diverse tech talent DTX + UCX helps organisations stay ahead of the competition, offering insight to help them rethink their current operational strategies, reimagine their future possibilities and realise their potential for change. Tackling this year’s event theme – 'The Road to Reinvention' – DTX + UCX will also present a series of case studies, roundtables, hacks, debates, and workshops. To guarantee a front-row seat and join the game-changers and tech pioneers at this year’s most exciting digital event, get your free pass by clicking here.

Summit Homes enhances operations courtesy of Macquarie

Macquarie Telecom, part of Macquarie Technology Group, has announced it has signed a new agreement with Summit Homes Group, a Perth-based leading residential builder. The deal has enabled Summit Homes to enhance its operations, decrease costs, and improve customer service as it delivers modern builds for Western Australia’s growing population. As Summit Homes’ business expanded from 280 to more than 500 staff in the last few years, with multiple additional sites, the company sought to enhance its operations with a more integrated and efficient telecommunications solution. It was vital to Summit Homes to maintain focus on delivering exceptional customer service while also looking to improve cost control and security as cyber risks expand in Australia. Recognising the limitations of its provider and dissatisfied with the high cost, lack of customer service, and lack of understanding of Summit Homes’ growing business needs, the company engaged in a tender process to find a comprehensive networking upgrade that would replace its existing environment and streamline infrastructure management, enhance security, and improve bandwidth across current and future sites. Surrounded by reports of the Western Australia housing crisis, many residential builders struggled with increased demands and soaring costs. “In the residential construction industry, embracing change and prioritising customer experience is crucial,” says Summit Homes IT Manager, Fabio Fusari. “We prioritise building strong relationships with our clients and understanding their unique requirements for traditional homes, unit developments, renovations, modular and ‘innovative tiny’ homes. “When it comes to people’s homes, personalised interactions and proactive communication aren’t ‘nice-to-have’, they’re critical.” Having partnered with Macquarie Telecom in 2003 for a mobile fleet of over 200 services, Summit Homes made the decision to rely on its trusted partner once again. The Australian telco rolled out a robust, secure, multi-carrier access wide area network (WAN) to all sites. The choice of best access type in each site, between NBN, Telstra, and other major carriers was pivotal in balancing cost reduction with quality of performance, and networks are made resilient with 4G/5G backup. “The dedicated project management team at Macquarie Telecom ensured the rollout of the network to all sites, including our showcase head office and new regional offices, was smooth,” Fabio adds. “If we had an issue, our call would be answered immediately by someone local, and we knew the problem would be fixed.” The new agreement has considerably improved network infrastructure which resulted in improved connectivity and efficiency across all sites and primed the company for continued expansion. Summit Homes has also seen cost savings and a reduction in administrative overhead, allowing the company to focus more on its core business of building quality homes and providing exceptional customer service. “Summit Homes has seen astonishing success in a difficult sector which is currently under the microscope, and this is largely due to the company’s ingrained passion for innovation, adaptability, and customer service,” comments Aaron Tighe, Western Australia State Manager, Macquarie Telecom. “Macquarie Telecom has built its business on customer experience, and we place a high value on forging meaningful connections with our customers, so they are better able to achieve their goals.” “Macquarie Telecom’s customer-centric approach has ensured we receive personalised support and tailored solutions to meet our exact needs,” Fabio notes. “The customer service has been fantastic throughout the whole process. We’ve worked with different providers and partners in the past and although customer service is often excellent during the sales process, once you sign on the dotted line, you don’t hear from anyone ever again.” For more from Macquarie Telecom, click here.

New bill protecting public services from cyberattacks

In yesterday's King’s Speech (17 July 2024), the new Labour government pledged to strengthen the UK’s cybersecurity and resilience, promising to introduce new legislation designed to protect critical infrastructure and the digital services businesses rely on from highly damaging cyberattacks. The Cyber Security and Resilience Bill will expand the remit of existing regulation to cover a broader range of digital services and supply chains, put regulators in a better position to ensure best practices are implemented, and mandate increased reporting so that better data on cyberattacks, and their impact, is available. This comes following a series of cyberattacks against public bodies throughout the year, including attacks targeting the NHS and MoD. Darren Anstee, Chief Technology Officer for Security at NETSCOUT, comments on the new Cyber Security and Resilience Bill, and the best practices for organisations to implement to improve their cyber resilience: “The existing regulations in the UK, introduced in 2018, have helped to ensure that critical national infrastructure and the services it delivers are defended from cyberattacks. As we’ve seen recently though, attackers are targeting these services indirectly by going after elements of their supply chain. We’re also seeing the nature of the threats we all face evolve, with more sophistication and broader, as well as increasingly persistent, activity from nation-state affiliated actors. Given this, broadening the scope of regulation, and giving the regulators more powers to ensure best practices are followed, can only be a good thing. “Equally important is the ability to mandate increased incident reporting. A broader, deeper and more timely view into the nature of the incidents that organisations experience can help to both refine best practices and ensure that companies can move quickly to prevent attackers repeating their success. Bad actors share tools and techniques – organisations delivering critical services, and those involved in their supply chains, should follow suit, working with one another, or via industry and government institutions that can aid communications. “What’s key in delivering better reporting capability, from a technology perspective, is that organisations have consistent visibility across their increasingly diverse infrastructures, without blind spots at internal or external technology borders. Consistent broad and deep visibility helps to ensure comprehensive threat detection, but also speeds up investigation and delivers the forensic capability required.” For more from NETSCOUT, click here.

Avaneidi secures funding to advance data security

Avaneidi, an innovative Italian start-up specialising in security enterprise storage systems, has announced an €8 million (£6.7m) Series A funding round by United Ventures. The investment underscores a shared commitment to advancing solid-state storage technologies, enhancing data security, and promoting a sustainable digital transition. Avaneidi develops comprehensive enterprise storage systems based on a rigorous 360-degree, multi-level 'security by design' approach, enabling an unprecedented degree of cyber security, protection and data reliability for enterprise-grade applications. Avaneidi’s storage technology advancements boost performance, security and reduce energy consumption. This allows electronic devices and data centres to increase their operating efficiency and limit their carbon footprint, addressing key sustainable development goals such as clean energy and sustainable industry innovation. Avaneidi’s Enterprise Solid State Drives (ESSDs) utilise tailor-made chips and advanced algorithms, providing a bespoke solution optimised for performance and cyber security applications. Designed for on-premise data centres, their storage appliances offer a cost-effective, highly efficient alternative to traditional storage solutions, featuring extended drive lifetime, improved security and significant energy savings. “Our mission at Avaneidi is to pave the way for more secure, efficient, and sustainable data storage solutions,” says Dr. Rino Micheloni, CEO of Avaneidi. “This funding will keep us at the forefront of the market, enabling us to accelerate the development of our enterprise ESSDs and all-inclusive storage appliances. Unlike off-the-shelf products, our solutions address cyber security and data governance issues by leveraging a tight hardware-software co-design while offering extensive customisation options.” Avaneidi targets organisations and industries that are highly sensitive to data governance and security, particularly within the rapidly evolving field of AI applications, where these issues are of paramount importance, such as finance, defence, automotive and healthcare. By prioritising data integrity and protection, Avaneidi empowers entire industries to better leverage AI technology safely and effectively when it comes to storage solutions. Avaneidi’s technology’s potential has attracted the attention of major industry players, the company states. Negotiations and preliminary agreements are in place to validate and expand the market reach of its innovative products. “United Ventures invests in technologies that have a tangible positive impact,” states Massimiliano Magrini, Managing Partner at United Ventures. “Avaneidi's vision and mission to enable organisations to make better and more sustainable storage decisions, focusing on governance and data security, align with our investment philosophy. By channeling resources into AI infrastructure like Avaneidi’s, we aim to facilitate the development of technologies that will redefine industries and transform tomorrow's society.” As the AI sector rapidly expands, robust infrastructure for advanced AI applications is paramount. According to recent estimates, the AI infrastructure market is projected to grow from $25.8 billion (£20.3bn) in 2022 to $195 billion (£153.9bn) by 2027, reflecting a compound annual growth rate (CAGR) of 50%. This surge is driven by significant advancements in AI computing, which is expected to escalate from $15.8 billion (£12.4bn) in 2022 to $165 billion (£130.2bn) in 2027, achieving a 60% CAGR.

Infinidat innovation recognised for its cyber security credentials

Infinidat, a provider of enterprise storage innovations, has announced that its InfiniBox SSA II has been recognised by analyst firm, DCIG, as one of the world’s top cyber secure all-flash arrays (AFA) for enterprise storage. This high ranking, which was revealed in the 2024-25 DCIG Top 5 Cyber Secure High-End All Flash Arrays Report, is based on independent research that DCIG conducted into the AFA marketplace, with an expanded focus on cyber storage resilience and recovery. “The recognition of the InfiniBox SSA II as one of the top five cyber secure AFAs in the world validates that not only is Infinidat’s primary storage solution the fastest all-flash array with industry-leading ultra-low latency, but also an industry acclaimed solution for cyber resilient storage,” says Eric Herzog, CMO at Infinidat. “Ever since we delivered the ground-breaking capabilities of InfiniBox SSA with our InfiniSafe cyber storage software and our InfiniVerse platform, Infinidat has redefined cyber resilience and recovery for enterprise storage. With an unprecedented guarantee, our InfiniBox SSA II ensures that enterprises and service providers recover and restore data at near-instantaneous speed after a cyberattack, significantly reducing the impact of ransomware and malware and saving companies time and money.” Cyber resilience is among the most important and highly demanded requirements of enterprises today to ensure exceptional cyber security and resist cyber attacks across the entire storage estate and data infrastructure. Infinidat’s InfiniSafe cyber secure capabilities in the InfiniBox SSA II innovation combines immutable snapshots of data, logical air gapping, a fenced forensic environment, cyber detection, and virtually instantaneous data recovery, which clocks in at less than one minute, guaranteed. Infinidat leverages artificial intelligence (AI) / machine learning (ML) to provide deep content-level scanning to identify compromised data. The InfiniBox SSA II creates a private network that is isolated for data validation, facilitating the critical step of identifying a clean copy of data for reliable, rapid recovery. "Having a cyber secure all-flash array is a necessity for enterprises to protect data from cyber attackers and ensure the security of the entire storage infrastructure, as well as to maximise business benefits by automating and consolidating workloads onto a higher-performance all-flash platform," said Dave Raffo, Consulting Analyst at DCIG. "A legacy all-flash array without cyber security capabilities built into it is already outdated and a potential huge liability in today's world of continuous cyberattacks. Our list of the top five Cyber Secure High-End All Flash Arrays constitutes the future of enterprise storage. The InfiniBox SSA II has earned a top spot because of advanced cyber resilience features on its platform, coupled with the performance, scalability, 100% availability, and cost-effectiveness that enterprises need." The InfiniBox SSA II is Infinidat's high-performance, all-flash array aimed at mission-critical workloads that demand the ultimate in real-world application performance. It is integrated with the InfiniVerse platform, which accelerates Artificial Intelligence for IT Operations (AIOps) to automate and streamline storage management, utilises AI-based predictive analytics, and enables easier management of hybrid cloud storage implementations. In addition to creating a cyber secure enterprise storage infrastructure that is efficient and dynamic, the InfiniBox SSA II allows customers to not only have optimal application and workload performance, but also allow for substantial storage consolidation, transforming storage performance, providing superior reliability, and reducing CAPEX and OPEX. The SSA II delivers the same 100% availability, white glove service, and lower total cost of ownership that defines the industry acclaimed InfiniBox customer experience, the company states. To read the DCIG report, click here. For more from Infinidat, click here.

Storage must form the core of an enterprise cyber security strategy

By James ‘JT’ Lewis, Director of Channel Sales for EMEA and APJ at Infinidat It’s no wonder that in PwC’s 24th Annual Global CEO Survey, leaders ranked cyber attacks second place amongst the most serious of all possible economic, social, political, business, and environmental threats. Ransomware attacks represented 12% of breaches of critical infrastructure in the last year.  Cyber security experts have estimated that global cyber crime costs will exceed 7.5 trillion Euros this year, according to CyberSecurity Ventures. Enterprises run on data and when it’s hacked or corrupted by cyber criminals, the disruption can topple an operation overnight, with multi-million Euro consequences. The irony is that, if the fallout from a cyber attack happened that quickly, it may be less problematic to recover from. Remedial action should be started immediately and any damage minimised. The actual problem is much more insidious because when cyber attackers target an enterprise, they usually wait for almost six months before taking action. This increases their ransom power and without the right data controls, the victim’s only option may be to concede to whatever financial demands are being made. In that timeframe, their primary data, the live data your business operations depend on, could have been exposed to all kinds of criminal activity. For this reason, enterprise storage has become a main target of cyber criminals for the most damaging and hard-to-detect ransomware and malware attacks. One reason why enterprises still get trapped is because a cyber security strategy tends to focus on keeping criminals out in the first place, rather than accepting that attacks will most likely happen and there is an impetus for having a watertight strategy. The wolf will definitely keep knocking and will get inside your house. So, what steps can you take? Firstly, cyber security’s emphasis must widen, to address three areas - detection, resilience and recovery - and plug the vulnerability gap that cyber criminals have been exploiting. Combining resilience, which is the ability to instil defensive security measures to repel attacks; detection, which is the ability to know when data is corrupted and whether a known good copy of data is free of ransomware or malware; and recovery, which is the ability to bounce back and recovery with a known good copy of the data from cyber attacks, is the key to hardening storage infrastructure. Converging cyber resilience, detection, and recovery on an integrated enterprise storage platform is an advancement over former siloed approaches that rely on disparate tools and technologies. It makes the cyber capabilities more air-tight and ensures a rapid recovery of data within minutes to thwart cyber criminals, nullifying ransom demands and minimising downtime or damage to the business. There are some key features of enterprise storage that need to be in place to ensure cyber resilience against today’s cyber criminals, all of whom are highly skilled technology experts. These include ensuring the immutable nature of the data, recovered from a copy you can trust. Air-gapping to separate the management and data planes to protect the data. A secure forensic environment, to analyse the data thoroughly and ensure the fastest recovery speeds possible is critical. Immutable snapshots allow the end user to roll back the clock and recover guaranteed, uncorrupted copies of their data, before the execution of any malware or ransomware code introduced by an attacker. Immutable snapshots ensure data integrity because they prevent data copies from being altered or deleted by anyone. Even internal systems administrators are locked out of immutable snapshots manipulation. The enterprise can be confident that any disruption or damage caused by the intrusion is minimal. Logical air gapping adds a further layer of security, by creating a safe distance between the storage management layer and the immutable snapshots. There are three types of air gapping. Local air gapping keeps the data on premises, remote air gapping makes use of a remotely hosted system and hybrid air gapping combines the two. Fenced forensic environments help speed up the recovery process by providing a secure area to perform a post-attack forensic analysis of the immutable snapshots. The purpose here is to carefully curate data candidates and find a known good copy. The last thing an enterprise wants after an attack is to restore data infiltrated with malware or ransomware. Once these core elements are present within your storage infrastructure, the whole restoration can progress like clockwork. It’s why our focus as an organisation is dedicated to educating IT leaders about the need for a convergent, tripartite approach. One that combining cyber resilience, detection, and recovery on a single storage platform. Reliance solely on backups and preventing attacks is no longer enough to secure storage systems.