Nearly 30% of cyberattacks come from within a company, according to a 2018 Verizon study. With a growing threat plane for security breaches, enterprises must evolve protection methods — from the outside world and inside the perimeter. So what does data protection look like in today’s data-driven economy?

“What we’re trying to help our customers understand and help them develop is a strategy around recovery, because there’s no such thing as complete prevention,” Cliff Madru (pictured), vice president of cloud solution architecture and engineering at Iron Mountain Inc., an enterprise information management services company.

Madru spoke with Rebecca Knight (@knightrm) and Stu Miniman (@stu), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the Dell Tech World event in Las Vegas. They discussed data security and management from all angles (see the full interview with transcript here). (* Disclosure below.)

Protecting data from unavoidable threats

Data is at the core of everything to a modern-day company, according to Madru. That means that data security and data resiliency are some of the most important things to understand and consider when starting any sort of conversation around data — because it’s unavoidable that, at some point, a company will deal with a data threat of some sort.

“Although you can drastically reduce your risk of an attack, the reality from my perspective is you cannot prevent an attack,” Madru said. “You need to ensure the data’s protected … when you think about an insider threat. So 28% of attacks are from an insider perspective, and actually roughly 68% of attacks come unnoticed for months — and so that means someone’s on your network.”

That also means a hacker is monitoring your organization from the inside to understand the patterns, how you protect things, and how can they infiltrate that process, Madru added.

So what’s the secret to successfully defending a company’s data? A company needs to identify the critical data that would irrevocably damage their business if they were to lose it or if it were to be destroyed, according to Madru. They should then consider building a strategy with a third-party protection agency — such as Iron Mountain’s Critical Protection and Recovery  service, or CPR, Madru added.

“It’s managed by Iron Mountain, which I think is one of the most critical aspects of the service — because an insider threat is something that’s very hard to prevent when someone understands the inner workings of your environment,” Madru explained.

With CPR, Iron Mountain creates an air gap so that a company has protection from the network. That way, if a company has a ransomware-type event or something that crawls into its network, they have an air gap from the network perspective. The next air gap that should be created is an administrative air gap, because nothing can protect a company from someone inside deciding to hack in if they know how to do it, according to Madru.

“We offer the ability to take it down to tape so you can still have many versions to recover from, because if you have an attack that’s been months on your system and you need to get a clean version of a file, now we have the ability to bring that into what we call a clean room,” Madru stated. “You can run your forensics on that in a very secure environment that’ll get completely isolated from where your data’s been attacked, and then bring that data back to recover successfully from ransomware or any other threat.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the Dell Tech World 2019 event. (* Disclosure: Dell Technologies Inc. sponsored this segment of theCUBE. Neither Dell nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE