How cyber threats are changing the makeup of IT departments

Historically, IT roles for disaster recovery (DR) and cybersecurity have covered their respective specialties and seldom have intermingled. But the evolving cyber threat landscape is bringing them increasingly together.

computer programmer or hacker
Thinkstock

When I look back over the past decades and consider how the roles in IT have shifted to accommodate new and emerging technologies, I’m amazed at how far we’ve come. Do you remember the old punch cards, dumb terminals and greenbar paper? What about how the cloud impacted IT just ten years ago?

Fast forward to today and it’s no surprise that major changes are still occurring. But this time we are also seeing a faster-paced shift in the cyber threat landscape, as new forms of malware, ransomware, phishing, DDoS, SQL injections, cross-site scripting, etc. are becoming more damaging and commonplace. 

Historically, IT roles for disaster recovery (DR) and cybersecurity have covered their respective specialties and seldom have intermingled. But the evolving cyber threat landscape is bringing them increasingly together. Nowadays, given that security professionals have long been known for their quick incident responsiveness and DR professionals are committed to avoiding data loss, companies are recognizing the value both realms have in common in preserving overall business continuity. More companies are formally considering security incidents disasters—and rightly so, given the similar impacts on data loss, downtime, reputation, etc.

Since cybersecurity and DR both have a hand in meeting availability demands, many companies are incorporating their DR into their wider cybersecurity strategies, weaving them into a single response plan for effectiveness. In a recent IDG Research survey commissioned by Bluelock, 64% of respondents claimed that DR and security plans should be aligned.

This means that company leadership is increasingly asking DR and security professionals to join forces for full IT resiliency – and this doesn’t just mean working cooperatively. IT security must have a two-pronged approach to risk mitigation: a balance of preventative and restorative measures.

Take the threat of ransomware for instance, where a single attack can halt an organization with its sophisticated encryption methods that locks data from users. There are a number of things businesses can do to prevent such an attack, such as employee education, firewalls, antivirus, dedicated network scanning, two-factor authentication, etc., but at the end of the day it only takes one wrong click to invite an intrusion. In a ransomware scenario, companies have two choices: 1) Pay the ransom to release the data, or 2) replace the infected data with new copies.

When IT departments and business leaders don’t act fast in breach, they risk losing critical data forever and ending up with a reputational fallout if news leaks to the public. For this reason, it’s imperative to make your organization’s restorative capabilities just as strong, if not stronger, than your preventative cybersecurity measures. Accommodating these initiatives is yet another motive for business leaders to have IT departments shift their day-to-day roles.

Bridging these two important focuses of prevention and restoration, threat detection is also a critical component, since it helps to identify when a breach has occurred. After all, there’s no point in having a cybersecurity plan if there’s no capability of measuring the effectiveness of your prevention or knowing when to execute your recovery process.

Especially susceptible to cybersecurity incidents, industries with sensitive data are at the center of IT department evolution—since wherever there is sensitive information, there are usually compliance responsibilities as well. For example, the legal industry is subject to a code of conduct that requires firms to allocate their resources appropriately to manage risks and protect their clients’ assets. If a breach compromises client data under compliance, law firms may need to pay regulatory fines too.

For this reason, IT departments must go beyond simply having a mitigation strategy for cyber threats. They must prove its effectiveness to constituents, like auditors, board members, clients and insurers. To solve for this aspect, comprehensive documentation is critical.

Companies have long been using Disaster Recovery-as-a-Service (DRaaS) to solve for downtime and data loss. With IT’s shifting roles surrounding the mitigation of cyber threats, it should come as no surprise that people are now looking at DRaaS as a solution for cybersecurity as well. Given the reputation DRaaS has gained in the marketplace as being a reliable form of fast response during an event, it’s increasingly popular to offload burdensome DR maintenance tasks in favor of a streamlined IT department, which means an amplified focus on revenue generating projects.

The best advice I can give IT departments during this transformative time is to stay nimble. Your role, whether it has historically leaned toward DR or cybersecurity, will likely continue to evolve and it’s critical to adapt with the times. Embrace change as an opportunity and you’ll gain recognition as a key individual not only within your IT team, but also in the eyes of your company.

This article is published as part of the IDG Contributor Network. Want to Join?

NEW! Download the Winter 2018 issue of Security Smart