The patent describes new capabilities for Cobalt Iron Compass, the firm’s enterprise SaaS backup platform, enabling automatic reconfiguration of IT infrastructure when it detects cyberthreats, such as a ransomware attack.

Cybercriminal activities increasingly threaten the availability and integrity of critical business data in ways that are hard to detect in a timely manner, and even then, often leave businesses unsure of what steps to take to limit the impact of an attack and remediate any damage. The fact most IT infrastructures are statically configured and completely unresponsive to changing conditions and cyberthreats is a particular problem in many cases.

The newly patented techniques introduce new ransomware analytics and automated optimizations that respond to cyberthreats. They will dynamically adjust access to backup infrastructure and data to reduce exposures to cyberattacks. They can also provide analytics-based insights into an attack and automatically perform various operations to secure data further.

The techniques disclosed in this patent monitor metrics, events, and conditions continuously for indications of a cyberattack in the network. They identify infrastructure components and data that could be impacted by or be vulnerable to a cyberattack, while automatically restricting access to vulnerable infrastructure components and data that have been affected.

The techniques also create an audit report of impacted infrastructure components or data and initiate remediation operations automatically. Such remediation operations might include initiating data replication of a previous clean backup version of the data to an off-site location, or recovery and validation of affected data into a safe storage location.

As an example, Compass could detect the event, conduct impact analysis to determine which data and hardware components might be affected, restrict access to those data and components, perform other operations to remediate exposures, and generate an audit report associated with the event.