What a roller coaster ride we all had for the past 2 years due to Covid, it has taught us all many things, how our family and loved one matter the most, we started to appreciate the small things in our lives, we started to appreciate the freedom to travel, we learnt new skills and many of us picked up new hobbies, we quickly learnt to work with newer technologies and newer ways to connect using technology, Work can be done anywhere and everywhere, Biggest lesson was we learnt to be prepared!! We began to take care of our health more proactively. Now that we have gradually started to get back physically to our offices, that has brought back its own challenges. Last two years we worked from home, then as things began to improve, we started to work from coffee shops & co-working places. The devices that we used were exposed to public Wi-Fi infrastructure which brings with it risks that include malware, viruses, unencrypted connections can expose your login credentials both personal and work to hackers. Now these devices are on the organizations network as people start coming back to offices. The average cost associated with cyber-attack is approx. $4 million, and recovery can take days or weeks. Cyberattacks have both an immediate impact on business but can also have a lasting reputational impact if the business is unavailable for a long time. Unfortunately, cyberattacks are very likely to remain a significant threat for 2022 and beyond. It’s not a matter of if you are breached, it’s a matter of when. When a cyberattack occurs, your organization’s response will be the difference between permanent financial and reputational damage or comparatively short-term disturbance. Zomato the food delivery service suffered from a data breach that resulted in the details of approximately 17 million users being compromised. The immediate outcome of this breach was reflected in the drop of its stock price. At this same time, our world is going through some very tough geo-political tensions. The ways war used to be fought are different now, apart from land, air, sea and space there is this fifth dimension that is increasingly becoming more important and covert. This fifth dimension is economy via cyber warfare. Supply chains, electricity grids, economic activities etc would be subjected to more external attacks. Recently it was reported by United States Federal Aviation Administration that several US airports were subjected recently to cyber-attacks that resulted in congestions and flight cancelations resulting in losses amounting to Billions. Another example is the attack on Indian Power Grid and Distribution network targeted by hackers from outside the country. Organizations must re-evaluate, adapt, and mitigate these challenges and aim for Enterprise resiliency with an aim to secure the business. One of the most critical components of Enterprise resiliency is to protect the companies’ data from being compromised (Cyber-Security) and furthermore what would it take to recover from a potential hacks or threats (Cyber-Resiliency). It will need everything from defining policies, security audits, vulnerability assessments to threat monitoring and recovery. IBM offers a solution to mitigate these specific challenges, it starts with IBM QRadar, which does real-time monitoring of data activity for immediate response to breaches or suspicious behavior. The system will trigger IBM Safeguarded Copy to regularly creates isolated (separated from servers) immutable (unable to be changed) snapshots of data to help protect against cyberattacks, malware, acts of disgruntled employees, and other data corruption. And since Safeguarded Copy snapshots are on the same FlashSystem storage as operational data, recovery is designed to be faster than restoring from copies stored separately. A key component of the solution ends with IBM Cyber Vault solution that runs continuously and monitors snapshots as they are created by Safeguarded Copy. Using standard database tools and automation software, Cyber Vault checks Safeguarded Copy snapshots for corruption. corruption. The IBM FlashSystem Cyber Vault environment does not impact the production environment as it leverages a sandbox/clean room environment (logical partitions or VMs) to run data validation processes without affecting production workloads. This sandbox environment is also the place to train your teams, conduct forensic analysis after data corruption is detected, and—based on the analysis—exercise surgical recovery procedures with peace of mind that if something goes wrong with any step of recovery, your teams can always go back to the original Safeguarded Copy point-in-time copy.