The Importance of Cyber Resiliency in Protecting Your Data

3 min read

With the rapid evolution of different kinds of cyber-attacks, establishing a plan for cyber resiliency is more important than ever.

In my previous blog entitled “Cyber Resiliency 101: Required learning for all,” I said “Cyber threats like ransomware, which made its very first appearance in 1989 and has been on security teams’ and law enforcement’s radar for the past seven or eight years, are not fads. It’s not going away.”

Ransomware has evolved a lot since its inception and will continue to evolve, meaning that it will improve in its nefarious aims. It’s getting more sophisticated and more destructive, and it is only going to get worse. Ransomware is not the only cybersecurity threat that organizations need to be aware of, however; 2022 has seen an uptick in the use of wiperware.


2021 and prior

  • Malware:
    • Type of attack: Data theft
    • Motive: Profit-driven
  • Ransomware:
    • Type of attack: Data encryption
    • Motive: Profit-driven

2022 and beyond

  • Malware:
    • Type of attack: Data theft
    • Motive: Profit-driven
  • Ransomware:
    • Type of attack: Data encryption
    • Motive: Profit-driven
  • Wiperware:       
    • Type of attack: Data deletion
    • Motive: Chaos-driven

What is ransomware?

Ransomware is an attack where a bad actor can infiltrate a business, government or personal network and encrypt any data, making it impossible for the user to access the data. The bad actor can then demand ransom money or payment in order to unlock or decrypt the data to return it to its previous state. However, paying the ransom does not always guarantee that the data will be decrypted.

What is wiperware?

A wiper attack involves deleting/overwriting/removing data from a victim using wiperware. Unlike typical cyber-attacks, which tend to be for monetary gain, wiper attacks are destructive in nature and do not involve a profit motive. However, it is possible that wiper malware may be used to cover the tracks of data theft.

Wiperware has reportedly been used in Ukraine, and considering the current state of the world — whether state-sponsored or by individuals (who can easily obtain the code) — it is not far-fetched to see an uptick of wiperware being used in other regions or countries.

Cybersecurity and cyber resiliency

Both wiperware and ransomware present a serious threat to both cybersecurity and cyber resiliency. But what exactly are cybersecurity and cyber resiliency, how are they related and what is the difference between the two? Fundamentally, cybersecurity is how an organization protects its information and assets from any outside threat or cyberattack. This includes fortifying structures/systems and reducing vulnerabilities in order to minimize the likelihood of a cyber breach.

Cyber resiliency builds upon cybersecurity. Cybersecurity is preventative in nature — as in, “Let’s lock all the doors to keep any bad actors out.” The objective of cyber resiliency, on the other hand, is to prevail in the event of a cyber breach — as in, “It’s very likely that we will be breached. We need to plan and prepare now to continue operations despite a breach.”

In short, cyber resiliency is “Plan B” for when the attackers succeed and become intruders. Cyber resiliency’s objectives are two-fold — protecting crucial data and providing the ability to quickly recover in order to resume normal business operations.

Any celebrity or high-profile VIP knows the difference between security measures and resiliency measures. A VIP does not live in a typical suburban home with little security erected or resiliency built-in. Their homes have layers of security — perimeter walls/gates, video surveillance, an entry gate with security guard, security personnel with dogs patrolling the premises, alarms on windows and door, etc. But that is not all they have; they have a “Plan B” in the form of resiliency measures, too! When all security measures fail and an intruder makes their way into a VIP’s home, the VIP can fall back or escape into a “panic room” or “safe room.” 

Cyber resiliency services to protect your data

With malware/ransomware/wiperware continuing to evolve, becoming more sophisticated and more destructive, it is crucial that organizations follow the lead of VIPs and design “safe rooms” for their Very Important Data (VID).

For those who would rather not go it alone and would prefer some outside assistance and expertise, IBM System Lab Services offers two different cyber resiliency services:

  • Cyber Incident Response Storage Assessment (CIRSA)
  • Cyber Vault - Architectural Workshop (CV-AW)

Both are “open systems only” (excludes mainframe) assessments focused on cyber resiliency:

  • CIRSA is strategic and has a wider scope: Applications/data sitting in block, file and object environments. The CIRSA report contains vendor-neutral/agnostic recommendations, but showcases the IBM cyber resiliency solutions in the future-state design.
  • CV-AW is tactical and has a targeted scope: Applications/data sitting on IBM Block platforms (e.g., Spectrum Virtualize or FlashSystems). The CV-AW report produces Cyber Vault/SGC architecture and solution sizing and tees off phase two and three of the Cyber Vault offering. Note: CV-AW is phase one of the three-phase Cyber Vault service offering.

To learn more about these cyber resiliency services, please contact IBM Systems Lab Services.

Be the first to hear about news, product updates, and innovation from IBM Cloud