Are you ready for cyber recovery? Rubrik's Grant Dinning on public sector data security

“Everything we do is underpinned by data” headlined Grant Dinning, Engineering Manager for Public sector at software firm Rubrik as he opened his speech at the Government Data and AI Summit this November. Rubrik provide data security, recovery and threat detection solutions across the private and public sector.

Dinning’s focused on empowering leaders to consider cyber recovery, asking public sector leaders in the room if they would be ready for cyber recovery if a cyber attack occurred right now. The recovery time objective is key here, how can data recovery be sped up to allow organisations to return to their workflow with minimal disruption and time cost? 

To speed up recovery, Dinning’s suggests restoring from backup is the best solution, however it is vital to ensure a plan is in place to do this and that this has been tested to ensure success.    

Dinning’s outlined four steps for public sector leaders to be aware of, in order to recover data effectively: 

1. Determine the scope of the attack - data recovery alone is not enough, an understanding of the breadth of the issue is necessary to ensure future security. 
2. Determine the point of infection - pinpoint where the weakness was so that this can be addressed in future. 
3. Assess the impact on sensitive data - analyse the impact of the attack on sensitive data and mitigate risks caused by this breach. 
4. Find malware and quarantine it - prevent the further spread of cyber issues by identifying malware and isolating it from the rest of the system.    

In addition to data recovery, Dinning’s spoke on the issues created by using organisational data to train large language models used in AI. He suggests looking for companies that provide data cleaning services to protect against sensitive data being used in this training. 

For Rubrik, then, government digital transformation needs to occur alongside smart data security practices. It is vital to be prepared for cyber attacks, understand how to best recover data and consider where sensitive data is being used.