Cohesity proposes shift from existing disaster recovery tactics – News

Cyber resiliency has emerged as an essential pillar in organizational cybersecurity strategies. With the increasing sophistication of cyber threats, businesses can no longer rely on traditional disaster recovery frameworks alone.

Instead, they must adopt a proactive and holistic approach to mitigate the impact of inevitable attacks, according to James Blake (pictured), vice president of cyber resiliency strategy at Cohesity Inc.

“You get resilient by doing the right things, and a product can help you get there,” he said. “But the most important thing is also the skills and the operational outcomes, the processes that you build around that product. Because with the best products in the world, if you’re not using it in the right way and you’re not doing the right things with people that know how to use it, you’re never going to achieve that utopia of being resilient to the kind of attacks that we see today.”

Blake spoke with theCUBE Research’s Christophe Bertrand at the Cyber Resiliency Summit, during an exclusive broadcast on theCUBE, News Media’s livestreaming studio. They discussed the critical notion that cyber resiliency is not just about bouncing back but about building enduring strength against future challenges. (* Disclosure below.)

Why conventional disaster recovery doesn’t cut it anymore

Traditional disaster recovery is no longer sufficient in today’s threat landscape. Instead, organizations must prioritize cyber resiliency and recovery. This shift acknowledges the inevitability of cyber incidents and the need for comprehensive preparation, according to Blake.

“A lot of people that talk about cyber resilience don’t talk about response,” he said. “They don’t talk about the investigation of the incident and finding [the] root cause. Also, the eradication of those persistence mechanisms, the vulnerabilities that allowed them in in the first place — [which accounts for] 54% of the attack vectors from ransomware. The solution is not to simplify the problem; the solution is to provide simple solutions to a complex problem.”

As cyber threats evolve, businesses must adapt by embracing integrated approaches that combine data protection, compliance and advanced cybersecurity techniques. The convergence of these domains underscores the importance of staying ahead of adversaries through innovation and collaboration, Blake added.

“Don’t try and do everything,” he said. “Just make sure that solutions that exist out there for things such as access management, DSPM and endpoint security controls work together. The second thing is a lot of people are out there, and they are simplifying the incident response process. Cybersecurity incident response is not simple.”

Cohesity adheres firmly to its “clean room” concept, which is a secure environment for investigating and recovering from cyber incidents. This sterile enclosure plays a pivotal role in ensuring secure recovery without reintroducing vulnerabilities or persistent threats.

“It’s not uncommon after ransomware incidents to see organizations recover over a dozen times,” Blake said. “So, you imagine if they promised the organization a recovery time objective of two days, multiply that by 12. The organization is really going to start to question whether they were truly prepared. But to stop that kind of recovery reinfection or retack, we need to be able to investigate that incident.”

Here’s the complete video interview, part of News’s and theCUBE Research’s coverage of the Cyber Resiliency Summit: 

(* Disclosure: Cohesity Inc. sponsored this segment of theCUBE. Neither Cohesity nor other sponsors have editorial control over content on theCUBE or News.)

Photo: News