The Importance of Disaster Recovery to Cyber Response
The IT Influencers stressed the importance of disaster recovery solutions in cybersecurity incident response.
Texas CIO Amanda Crawford says it’s not surprising disaster recovery was the top choice in the poll, since “disaster recovery planning is certainly very important for agencies so that they can reduce the recovery time and the associated business impacts from a cybersecurity incident.”
However, she says, it’s important for agency IT leaders to “balance or at least have the conversations around balancing disaster recovery with forensic investigation activities,” since there is sometimes a conflict between resuming service and conducting investigations into how and why incidents occurred.
Georgia CTO Steve Nichols says the focus on DR reflects that some organizations may not be “comfortable that they’ve got the strongest possible security posture, and they’re really setting up for playing defense — let’s just make sure we can recover if we do get hit with ransomware, versus trying to fend it off.”
Parker says that over the past few years, government CIOs and CISOs have often been told to implement certain vendors’ solutions because they were seen as leading cybersecurity products. However, as ransomware attacks have continued to proliferate amid the pandemic, government IT leaders have needed a “kind of reckoning to recognize that we need a multifaceted security structure in place that’s not overly reliant on one vendor over the other.”
“We also have to be continuously looking at what’s coming out and what’s new to make sure that we’re not falling behind and getting into a position that some of us have seen over the past few years,” she adds.