Jason Proctor, advisory systems engineer for cyber resilience at Dell Technologies (NYSE: DELL), said government agencies looking to achieve cyber resilience should develop a strategy that takes into consideration data isolation and immutability.
“In fact, isolation and immutability are essential techniques that can help agencies protect critical data from ransomware and other sophisticated threats,” Proctor wrote.
He described isolation as “a physical and logical separation of data from the production domain” and called it a key differentiator in all guidance on data recovery following a cyber incident.
“Isolation gives agencies the ability to recover their data should a cyber incident take place,” he added.
Proctor stated that immutability is a key aspect of cyber recovery since it could keep data from being deleted or changed for a specific time period and could help prevent internal and external threat actors from breaching the data protection environment of an agency.
“The overarching goal is to achieve cyber resilience, which is a combination of information security, data protection and cyber recovery,” he noted.
Proctor said complying with the National Institute of Standards and Technology’s Cybersecurity Framework and other cyber guidance could help agencies achieve information security and that cyber resilience also involves application security, employee education and endpoint security.
He also noted that encryption and automation could help agencies improve their ability to safeguard sensitive data.
“Automation ensures consistency in how that data is protected by removing the potential for human error. Encryption adds another layer of protection so that even if data falls into the wrong hands, it cannot be readily accessed,” he added.