New Metrics, Same Mission: Why RTO and RPO Still Define Resilience
The conversation around ransomware protection can be summed up by two acronyms: TTD and TTP, which stand for Time-To-Detection and Time-To-Prevention. But what about those long-standing favorites, RTO (Recovery Time Objective) and RPO (Recovery Point Objective)?
Have TTD and TTP replaced them? Are they still important?
The answer is that RTO and RPO haven’t been replaced and remain critical for every enterprise. Let’s take a closer look at these concepts and how they differ.
Cybersecurity Metrics vs. Disaster Recovery Metrics
While TTD and TTP are benchmarks for cybersecurity, RTO and RPO are benchmarks for other types of incidents. This distinction is important because not all disasters are digital.
Remember 9/11? What happened on that tragic day could not have been prevented by better ransomware detection. While there are no official figures, it is estimated that around 10% of the businesses in and around the World Trade Center complex did not recover post 9/11. This is, in part, because they didn’t have a good enough disaster recovery (DR) plan in place.
By definition, a DR plan is a plan that is executed after the fact and not before. It requires a totally different mindset. While prevention is the best form of medicine, each malady requires a different medicine. A solution for one ailment will not necessarily help with another.
For a company to survive in our modern era, it must have all the bases covered. It’s not enough to have a good DR plan in place; it also needs robust antivirus and cybersecurity. And of course, it needs that old favorite, a backup solution.
One possibility is to use different products for each solution. Although these products might be the best in their respective areas of expertise, the downside is dealing with separate entities for support, professional services, etc. Realizing this, companies that, for years, based their existence on a single solution, such as antivirus, have begun to incorporate other solutions in their product offerings. The trouble is that in many cases, the underlying architecture was not designed for this kind of add-on, and it is like trying to fit a square peg in a round hole.
This has created a market opening for new companies to spring up, providing comprehensive solutions. Although their products are architected as complete solutions, these new companies often lack the maturity enterprises require, such as established professional services and support.
Finding the Right Balance in Cybersecurity, Data Resiliency and Disaster Recovery
What’s needed are companies that cover all the bases but also have market maturity. Since cybersecurity is a relatively new risk, these companies are few and far between. Covering all the bases required creating an architecture that was able to incorporate the unforeseen. It has been around 20 years since Amazon introduced the world to cloud computing, so the most mature company that answers all the current security needs will be only 20 years old or less.
Even though cybersecurity was not even a concept way back then, any viable solution must have been designed so that layers of security could be added, not just to plug up a hole. Antivirus and disaster recovery were already known challenges, but as time progressed additional layers had to slot easily into the overall architecture, most recently ways to combat ransomware and to meet an increased need for better cyber resiliency.
CTERA was conceived as a cloud storage solution back in 2008 by a group of visionaries who saw that cloud storage would become the storage of choice, and this at a time when Amazon was just a fledgling cloud storage company. More than just predicting a future trend, CTERA realized from its inception that if major enterprises were going to store their precious data in the cloud, they had to know that it was safe, at source, at the destination and while in transit.
Rather than re-inventing the wheel to manage every risk, CTERA built industry standards directly into their solution. For example, all the major antivirus shops like McAfee or Bitdefender can be used. And so, they built an initial architecture that was adaptable to handle what might come.
CTERA created its ransomware TTD/TTP-based solution so that it slots into the solution architecture like a round peg in a round hole. It then had the solution validated by an established third-party tester, as detailed in the Synergy7 Ransomware Test Report and the CTERA vs. the World’s Most Dangerous Ransomware Families article.
This proactive approach has resulted in a platform where security is built-in at every level:
- Virus attacks were around before CTERA, so its managed data is safe from them, built in.
- Natural and man-made disasters have been around since the dawn of time, so CTERA ensures that managed data is protected from any disaster, built in, with near-zero RTO and RPO.
- When cyber-attacks were in their infancy, CTERA recognized the trend and implemented a strategy to secure the managed data from these threats, built in, with minimal TTD and TTP.
- And let’s not forget backups. With the CTERA snapshot functionality saving versions of the data every few minutes, you can restore a backup to the exact moment you need.
In the end, resilience isn’t about a single metric or tool; it’s about covering all the bases, like CTERA does.
Director Product Documentation
Julian is the Director of Product Documentation at CTERA, where he has built and led the company's documentation and training program for more than 9 years. Prior to CTERA, Julian managed technical documentation at Zerto, a leader in disaster recovery and data protection. With an honors degree in Computer Science and a background in programming, Julian brings over 20 years of technical communications expertise to his work, with a focus on building documentation and training programs that enhance product adoption and customer success.