Earlier this year, theCUBE profiled Nature Fresh Farms Inc.’s encounter with a ransomware attack and how it was a key part of its journey of discovery on the road to cyber resilience.

Since that time, the company has changed not only how it looks at things, but also how it does things, according to Keith Bradley (pictured), vice president of IT and security at Nature Fresh Farms.

“We now make sure that the vendors are much more compliant with our cybersecurity policy,” he said. “We are much more adamant about what’s open on our firewalls and how things are.”

Bradley shared the key learnings of the ransomware attack with theCUBE industry analyst Dave Vellante at the Dell Data Protection: Episode 2 event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed what the company changed and what the future looks like for Nature Fresh Farms. (* Disclosure below.)

The lessons learned

Even though the company’s backup solution worked to recover data, it was determined that its six- to seven-hour window wasn’t fast enough for recovery, according to Bradley. For that reason, Nature Fresh Farms went out and rebuilt its entire backup policy. From there, it instituted a cyber vault, which is basically a virtual air gap solution.

“That not only protects your data, but analyzes the data to see if there’s any hackers laying in wait in the data that is going into this vault,” Bradley said. “We really started to look at how do we back things up every day, and actively saying, ‘We don’t want to do this, we don’t want to change the way we do it and this is how we’re going to secure a network.’”

In the future, it’s possible that the company will consider an offsite air gap. But for now, the company is using Dell’s PowerProtect Data Manager to meet the company’s needs. The next step for Nature Fresh Farms would be to air gap to one of its other locations. In fact, the company would actually air gap to two different locations before going on the cloud more, just because it has such a diverse area, according to Bradley.

“I kind of like to say that we’ve built our own on-prem cloud to make things work,” he said.

On the other side of the ransomware attack, there are additional lessons learned by the company. As for what advice Bradley might share with a company that is in the position Nature Fresh Farms was in prior to the attack? The first thing that came to mind for Bradley was that whatever a company thinks it is doing today, it’s never going to be enough. What’s important is that a company looks at both sides of the coin, according to Bradley.

“How do I protect my network? And, yet, how do I recover when it happens?” he asked. “It’s always a matter of when. So be prepared on both sides. Protect your network from the attack, and be prepared to recover from the attack.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the Dell Data Protection: Episode 2 event:

(* Disclosure: TheCUBE is a paid media partner for Episode 2 of the “Navigating the Road to Cyber Resiliency” event. Neither Dell Technologies Inc., the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE