Security

Imagine you entered the organization’s systems this morning and discovered everything disappeared – don’t want that to happen? It’s time to back up!

⚡ UPDATED: 3 minutes ago
I
By
7:57 am Updated: March 4, 2026 2 min read
תדמיינו שנכנסתם בבוקר למערכות הארגון וגיליתם שהכל נעלם - לא רוצים שזה יקרה? הגיע הזמן לגבות!
Photo by National Cyber Directorate on March 3, 2026

Against the backdrop of Operation Iron Swords and increasing attempts at cyber attacks, the National Cyber Directorate is identifying attempts at attacks aimed at deleting and disrupting systems of Israeli organizations. This is intended to harm the operational continuity of organizations and disable them.  

Every organization must ensure that it is backed up in the cloud, and by physical means (such as a disk-on-key). If not, backups must be created immediately to avoid substantial damage to the organization’s continued functioning.

After ensuring that backups exist, the following steps should be taken to avoid these attacks:

  1. Periodically map the location of information assets within the organization, and ensure that the mapping includes reference to information stored with cloud providers and other third parties, the sensitivity/criticality level of the information, and its scope.
  2. Appoint a responsible party who will be in charge of backups and restores.
  3. Verify the existence of an alternative and independent backup system at an alternative site   (DR)
  4. Ensure that storage media are stored in a fire-resistant facility, where in case of activation of the fire suppression system, the data will not be damaged.
  5. Ensure that the backed-up information is stored in geographical areas approved according to organizational policy, which includes specific reference to data sovereignty  (Sovereignty Data 19)
  6. Secure access to backups using multi-factor authentication  (MFA) and using
    Conditional Access or an equivalent capability offered by the cloud provider. Grant permissions according to the principle of Least Privilege to every entity with access to backups or backup management permissions.
  7. Closely monitor backup systems and ensure that all malfunctions are addressed.
  8. Periodically verify that all components of the backup systems are updated to the latest versions.
  9. Periodically test the integrity of backups and familiarize yourself with emergency recovery and restoration procedures.
  10. Perform a test of backup integrity.
  11. If the backup is stored on an external source, ensure that access is under two-factor authentication.

Related Topics
Israel National Cyber DirectorateIsraeli organizationsMFAOperation Iron Swords