Cybersecurity Awareness Month will soon draw to a close, ending the 20th iteration of the event at a time when cybersecurity risks have never been higher. A July report from IBM Security found that the global average data breach cost increased to $4.45 million, up 15% over the last three years.

The landscape and the attack surface from a data perspective are huge these days. That’s especially true given the ransomware and other cyber threats occurring right now, according to theCUBE industry analyst Rob Strechay (pictured, right).

“Getting practical about cyber and data resilience is the key in the name of this,” he said I”t’s something that I hold near and dear to my heart, having been an IT practitioner and been on the customer side, as well as being on the vendor side. I think organizations really need to understand and have a better focus on this, especially with all the threats that are going on.”

Considering those threats were the key focus on everyone’s minds before the “Beyond Firewalls: Resilience Strategies for All” event on Oct. 19. The event comes as IBM Corp. seeks to attempt to facilitate the shift from cybersecurity to cyber resilience.

Analysts for theCUBE, SiliconANGLE Media’s livestreaming studio, handled the exclusive coverage during the event, talking with technology experts to explain cybersecurity threats and how to build a defense. They discussed how to fight back against cyber threats and how to navigate the path to cyber resilience. (* Disclosure below.) 

Here are three key insights you may have missed from the “Beyond Firewalls: Resilience Strategies for All” event:

1. Breaking down silos is being seen as key.

Enterprises have been adopting artificial intelligence technologies to help with threat detection, but attackers have access to that same technology. Research from IBM also suggests a big problem: What used to take attackers 60 days to cause attacks now takes less than four days, while response time is still roughly about two to three weeks, according to Ram Parasuraman, executive director of IBM Corp.

“When you talk about defenders, one thing that comes to your head is they’re all united. They’re standing in formation, and they’re sharing intelligence,” Parasuraman said. “But that’s not what you see in practice in enterprises. I think what’s hurting the most are silos between teams, between products and between intelligence.”

That leads to teams being slow to respond to attacks, something Parasuraman thinks needs to change in the industry. When it comes to the product management side of things, helping organizations get a handle on things boils down to three factors.

“One of the first things is detection. The earlier you detect, the better, but it’s not about you just saying, ‘I detected something.’ It needs to be high fidelity,” Parasuraman said. “Basically saying, ‘Hey, you know, I’ve detected something but, highly reliably, we can say that that’s an attack.’”

Safe recovery is the second factor, while the third is the integration of existing workflows between security and storage. With those three key factors considered is where the power of IBM Storage Defender comes in, according to Parasuraman.

“IBM Storage Defender was pretty much founded to solve these problems. It’s about bringing together all of the technologies that exist today but that don’t work with each other and across your data estate,” he said.

One of the primary things that needs to be set as a boundary condition is that one can’t exclude any part of data, according to Parasuraman. That’s because people have conventionally talked about this in a certain way, he noted.

Companies might say, “‘Hey, I’m a backup company, I look at backup data, and I’m ensuring a backup is immutable and I can kind of bring together a backup when you need it,’” he said. “That’s kind of one half of the problem.”

On the other side, there is the primary storage or primary critical workloads that get stored on arrays or flash storage, which is being added by a different team with a different set of tools. But when there is an attack, one doesn’t know where the recovery is going to occur from, according to Parasuraman.

“Are these primary hardware snapshots? Or do you need a backup? Or is it a combination of these two? This is why the recovery tends to be different from what we are used to,” he said.

Here’s the complete video interview with Ram Parasuraman, and follow theCUBE’s complete series on cyber resilience, as IBM provides a no-cost assessment for companies of all sizes to jumpstart their journeys:

2. There are strategies worth employing to start the journey.

As mentioned above, the average cost of a data breach worldwide is approximately $4.5 million per incident, as reported by IBM’s annual “Cost of a Data Breach” study. There are strategies that enterprises can deploy when starting its cyber resilience journey, according to Jeff Crume (pictured, middle), distinguished engineer, cybersecurity architect and chief technology officer of IBM Security Americas.

“One thing that came from that report is that the most significant way to cut the cost of a data breach was organizations who had an extensive use of AI and automation,” Crume said. “They saved, on average, $1.76 million off that $4.5 million. That was the most significant way to cut the cost of that data breach.”

Of course, it’s still very early days when it comes to the use of AI in the cybersecurity space. For that reason, that number will likely only rise as time moves forward, according to Crume.

“Using automation makes a big difference. Using AI, going forward, can make potentially an even bigger difference. So, tooling and leveraging that as a force multiplier can definitely benefit the good guys,” he said.

It’s not only the big companies that can benefit from that. But there’s also a role for infrastructure and storage to play in this, and making that accessible to everyone is a key focus, according to Christopher Vollmar (left), storage and data resiliency architect for IBM Canada.

“For a lot of the customers we’re working with right now, [the] first step in their journey is, I’ve got a security team, and they know what they’re doing,’ but have they tied in with what infrastructure and where the data lives on the storage platform?” Vollmar asked. “And how do I pull those two together?”

Here’s theCUBE’s complete video interview with Jeff Crume and Christopher Vollmar:

3. It’s possible to take baby steps.

There’s a new urgency today when it comes to security cyber resilience. The landscape has changed, whereas 10 years ago the conversation was often about backup, according to Del Hoobler, principal storage software advanced technology specialist at IBM Corp.

“It’s like you put data on a shelf and you only bring it back when you need to. Well, it’s different nowadays. There’s a serious threat against us,” Hoobler said. “To be data resilient, you have to keep the bad guys out, but you’ve got to assume they’re going to get in. So, you have to put your perimeter defenses up, but you need to make sure your copies of data are secure and cannot be messed with.”

High-profile attacks, such as the one involving Metro-Goldwyn-Mayer Inc., illustrate how serious the threat is. But what can companies who don’t have the IT budget, such as MGM, do?

“I get asked that all the time because one time they’ll say, ‘Hey, you know what? This is so big. I can’t boil the ocean. I’m not even going to start it, right?’” Hoobler said. “It’s one of those things, like, ‘I’ve got to go do all of this. I’m going to give up on it.’ Well, no. You can take baby steps.”

Cybersecurity and data resilience aren’t an on-and-off switch, according to Hoobler. It’s a spectrum, from very weak to very strong.

“You never can be perfectly data resilient. The most important thing is to get started,” he said.

Here’s theCUBE’s complete video interview with Del Hoobler:

To watch more of theCUBE’s coverage of the Beyond Firewalls: Resilience Strategies for All event, here’s our complete event video playlist:

(* Disclosure: TheCUBE is a paid media partner for the “Beyond Firewalls: Resilience Strategies for All” event. Neither IBM Corp., the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE