Cyber ​​attacks are on the rise across all industries and types of organizations. Fortunately, companies are increasingly aware of the impact of cyber threats on their business-critical activities. A good recovery strategy is essential for this. For this strategy, they also look more often to solutions based on artificial intelligence.

A ransomware attack occurs somewhere in the world every 11 seconds. That’s a striking number from cyber security ventures. The same source adds that the economic cost of this non-stop wave of attacks is skyrocketing. By 2025, this could cost the global economy as much as $10.5 trillion a year. Fortunately, the development of security tools hasn’t stopped either. We owe this, among other things, to the breakthrough of machine learning and artificial intelligence.

AI in security and cyber recovery

Many industries have discovered the value of AI technology in recent years. It is important to realize that the tools cannot stand alone. Ultimately, the actual effect of AI still lies in the interaction with human users. In the medical field, AI can, for example, analyze X-ray images and suggest a diagnosis, but at the end of the journey there is always a doctor who uses his knowledge to check whether the diagnosis is correct and what treatment can help.

More than any other IT field, cybersecurity leaders can benefit greatly from AI applications. AI can significantly increase the resilience of the organization by taking over some of the repetitive work. Algorithms also make it possible to roll out a strong recovery strategy. After all, you can’t completely avoid an attack, so you need solutions to get back in business quickly.

The following five components belong to such a modern AI-based recovery strategy:

1. Automated data vaults

To be resilient to cyberattacks, one thing must not be missing: a Cyber ​​​​Recovery Vault. This digital vault offers multiple layers of security that reduce the likelihood of a successful attack, even if it comes from within. The concept takes the critical data away from the attack surface and places it in a protected part of the data center. Separate security credentials and multi-factor authentication are required for access. For added security, data vaults feature an automated operational air gap that isolates the network and disables potentially compromised interfaces.

Data safes have certainly already proven themselves. For example, several government institutions in Belgium have recently become victims of cyber attacks. If they had adopted this type of technology, the impact would have been much smaller, and there would certainly have been no need to pay ransomware claims. Even if hackers manage to penetrate the IT environment, they cannot access the content that is securely stored behind the doors of a data vault. In addition, uncompromised data copies after the attack ensure critical systems can be resumed quickly and the entire recovery process is completed in just hours (instead of days).

2. Data Isolation and Governance

Another method for a watertight recovery strategy is to set up an isolated data center environment that is separate from the corporate and backup networks. And which is only accessible to users with the right permission.

3. Smart analytics and tools

Machine learning and full content indexing with powerful analytics within the vault’s secure environment are effective tools for detecting threats. Automated integrity checks can determine if data has been compromised by malware and which tools can assist in recovery if necessary.

4. Restoration and sanitation

Incident recovery is a set of workflows and tools that use dynamic recovery processes and data recovery techniques. To bring critical systems back online quickly and safely, a comprehensive methodology for data protection, damage assessment and forensics is also important.

Of course, organizations also need to have confidence in the recovery solutions they install. Especially now that it is becoming increasingly difficult to take out cyber insurance. That’s why Dell introduced a “Cyber ​​​​​​Recovery Guarantee” in the US, a guarantee for customers to quickly recover data after an attack. The company provides up to $10 million in compensation to help organizations when they are unable to recover their data using Dell solutions. It ensures companies can launch their cybersecurity procedures with more confidence. The formula will also be available for European organizations in the near future.

5. Plan and design solutions

Finally, it is important for organizations to know that they are not alone. Expert advice and specialized services can help determine which business-critical systems need to be protected. And to find out which applications and services depend on it. The latter also helps in determining the right infrastructure for recovery.

For example, Zero Trust is a cybersecurity model that ensures that organizations no longer rely solely on perimeter defenses, but also proactively protects them by only allowing correct activities in the ecosystem. This is certainly necessary when companies need to optimize their security for different environments such as cloud, data center and edge.

Therefore, those who want to increase their cyber resilience need a multi-layered approach to security. In fact, any strategy should be a combination of people, process and technology. Dell Technologies is happy to take responsibility for showing what AI can do for cybersecurity. And how technologies can be supplemented with algorithms in order to optimally protect companies.

This is a contribution from Arnaud Bacros, Managing Director Dell Technologies Belgium & Luxembourg. Click here to learn more about the company’s security solutions.