EDITOR’ S QUESTION
WITH GROWING ADOPTION OF CLOUD AND DIGITAL PLATFORMS, WHAT ARE THE CYBER SECURITY BEST PRACTICES THAT CAN BE ADOPTED BY AFRICAN ENTERPRISES?
Much like the rest of the world, South Africa grapples with challenges emanating from a digital landscape fraught with escalating cyber threats that pose significant risks to enterprises. What makes the local threat landscape unique is that historically, South African organisations have placed less emphasis on security than their global counterparts. This oversight has made the country a target for cybercriminals. Executives from Commvault, Galix, Armata Cyber Security, In2IT Technologies, share their perspectives about the question.
MODEEN MALICK, PRINCIPAL ENGINEER, COMMVAULT
The distinction between disaster recovery and cyber recovery is more crucial than ever. At its core, disaster recovery is all about getting operations back on track after unexpected disruptions like natural disasters, hardware failures, or power outages. Think of it as the safety net that catches your business when something outside your control goes wrong. It is about restoring systems, data, and processes so that you can resume business as usual as quickly as possible.
Cyber recovery, however, is a whole different ballgame. It is not about accidental disruptions – it is about intentional, malicious attacks.
Cyber recovery focuses on dealing with the aftermath of cyberattacks like ransomware, data breaches, or other forms of hacking. These are not random events; they are calculated moves by bad actors aiming to disrupt your business, steal sensitive data, or hold your systems hostage. This fundamental difference in intent, accidental versus deliberate, means that organisations cannot simply lump cyber recovery into their existing disaster recovery plans.
The methodologies for each need to be distinct and purpose-built. While disaster recovery is often about speed and getting back online quickly, cyber recovery requires a more cautious approach. It involves forensic analysis to understand the scope of the attack, ensuring systems are clean before restoring them, and implementing measures to prevent reinfection.
Cyber recovery should be viewed as a distinct approach from traditional disaster recovery, requiring tailored investments in technology and training. By integrating cyber recovery into broader disaster recovery plans and proactively addressing these challenges, organisations can enhance their resilience against future threats.
26 INTELLIGENTCIO AFRICA www. intelligentcio. com