In a recent article outlining his vision for protecting the United States from cyberattacks, the U.S. Department of Homeland Security Secretary, Alejandro Mayorkas, commented on the rise in cyber threats and the recent intensification of hacks, including a major attack on federal agencies that was identified in 2020. In his words, “this incident is one of many that underscores a need for the federal government to modernize cybersecurity defenses and deepen our partnerships.” These ongoing cyberattacks, coupled with security experts experiencing cybersecurity fatigue, agencies are averaging $1.37 million in rectifying costs due to increased ransomware attacks and underline the importance of building cybersecurity defenses with a comprehensive data protection strategy. 

Federal agencies are struggling to keep pace with the number and diversity of new cyberattacks. With access to highly valuable data at stake, agencies must determine ways to safeguard their information from hackers. For example, cybercriminals have become experts at inserting malicious software inside backup data with a “time bomb” attached to the malware. When activated — which can be months after insertion — it will disrupt agencies unless a ransom is paid. This is essential as traditional backup software (that many agencies still have today) was not designed for cybersecurity, only to preserve data in case of accidental deletions, data corruption, or a natural disaster. Comprehensive data protection strategies can help agencies with these traditional data backups and support in the case of cyberattacks.  

Kevin McDonough, Advisory Systems Engineer at Dell Technologies, explained that “at a high level, [Comprehensive Data Protection is] about sync, copy, lock, and analyze. Together, these capabilities are a solid plan for ensuring that data is protected no matter what.” After a cyberattack occurs, it is critical for the agency to recover as much data as possible and to be prepared for a myriad of possibilities when it comes to threat prevention. A comprehensive data protection strategy prepares agencies with a three-step plan for data isolation, locked retention policies, and effective analytics and forensics tools.

The three-step plan includes strategies for:

1. Data isolation and governance: Data needs to be secure no matter its state through full isolation by physically and logically separating data within an air-gapped vault. This vault is an isolated environment disconnected from networks and restricted from those without proper credentials. 
2. Automated data copy and air gap: Traditional storage isn’t enough to preserve data integrity and confidentiality because if enemies can see the data, they can encrypt or destroy it. By creating immutable, unchangeable copies of data with locked retention policies, agencies can provide the isolation needed for the air-gapped vault.
3. Analytic tools to quickly detect and recover from cyberattacks: Specialized tools, such as machine learning, can help to detect cyberattack vectors within the vault and alert administrators if suspicious activity occurs. Forensic analytics reports can also provide administrators with details of cyberattacks and processes. Additionally, these tools can root out many false positives based on historical data to combat alert fatigue.

As cybersecurity threats advance, agencies need to meet attackers with comprehensive and decisive security approaches that protect valuable data. A comprehensive data protection strategy ensures your agency has a separate data location, where data can recover when a cyberattack occurs. 

To learn more about protecting your agency’s data at all costs, click here.