A new system recovery offering from former IBM division and current managed infrastructure service provider Kyndryl incorporates air-gapped data vaulting technology from Dell for faster recovery from major cybersecurity incidents like ransomware attacks.
The Cyber Incident Recovery service is a four-part system, says Kyndryl global security and resiliency practice leader Kris Lovejoy. Kyndryl provides an orchestration tool that offers users a way to respond programmatically and immediately to a cybersecurity event, an analytics tool that uses machine learning to do regular integrity checking on system configuration data (ensuring that it hasn’t been compromised by bad actors), and the company’s own in-house expertise in deployment and configuration of large-scale, enterprise systems.
The fourth part is the newly added Dell cybervaulting capability, which provides an air-gapped repository of known-good configuration and backup data for speedy recovery in the event of a major system compromise.
Lovejoy says that the idea behind the newly buttressed partnership is to address a logical gap between cybersecurity and disaster recovery/business continuity, particularly where ransomware is concerned.
“This is a practical problem that the market faces, that we’ve been focused on for a long time,” she said. “Ransomware is creating a new recognition that there are gaps in our organizational structures.”
That gap creates a serious issue in cases where a business has to recover from a ransomware attack — recovering newly wiped systems requires clean backups and configuration data, neither of which is a given in the wake of ransomware.
“Imagine your entire infrastructure has been locked up — an incident response provider helps you contain the event and then the question is ‘how do you bring it back?'” Lovejoy says. “You have to assume you have [usable] storage, you have to assume you have a [usable] system configuration, and that’s frequently not accurate.”
Moreover, the process of recreating clean configurations and recovering backup data from deep storage is often sufficiently time-consuming that it can be more cost-efficient to simply pay the ransom, instead.
By integrating Dell’s cybervaulting capability, then, Kyndryl is hoping to eliminate a key variable that can cost valuable backup time and effort, and — ideally — make it much more attractive to recover organically, instead of paying off cybercriminals.
“This kind of technology ensures that, if there’s been a ransomware event, that the company has a backup that can be activated in an automated fashion,” Lovejoy said.
Copyright © 2022 IDG Communications, Inc.