There has been a heightened state of alert recently raised by organisations like the Singapore Computer Emergency Response Team (SingCert), following warnings of increased cyber threats globally. This begs the question: Is your current backup solution meeting your organisation’s data resiliency and cyber security protection needs for today and tomorrow?
These past couple of years have dramatically changed the frequency of cyberattacks and what attackers are targeting. Since this makes it critical for organisations to be able to recover lost or stolen data, this year’s World Backup Day could be a significant one… ever.
The threat of ransomware is evolving
Security experts are seeing the evolution of ransomware in the following three areas:
As shown in the table above, ransomware can take on many forms. The Ransomware 1.0 method is common — a fairly unsophisticated type of attack that typically, can be addressed by traditional backup and recovery solutions.
With Ransomware 2.0, attackers started destroying backups first, then encrypting production data. This type of attack is designed to make it incredibly challenging to restore lost data, and there is almost no recourse to get it back but to pay the ransom. As a result, countermeasures such as snapshot immutability, administrative quorum approval for certain operations, and other next-generation data management and security measures are required to sufficiently defend the data protection environment itself.
Finally, Ransomware 3.0 sees cyberthreat actors focusing on encrypting and exfiltrating, or stealing, data to expose it or sell it unlawfully as part of “double extortion” schemes. A cyberattack does not only compromise an organisation’s data, but it can also cause long-lasting damage to the reputation of the business.
This is why organisations need strong countermeasures over what is typically available from legacy backup solutions. Take time today to evaluate your current backup environment.
Evolving your backup and data management strategy
Backup is a foundational component of an overall cyber resiliency strategy, and key to ensuring an organisation is prepared for ransomware or other cybersecurity threats. Having a secure, clean, immutable copy of their data can help data better protect their data and refuse the ransom.
To help reduce the impact of both Ransomware 1.0 and 2.0, organisations need to incorporate Zero Trust principles in their IT environments. The need for organisations to converge data security and data management is imperative. This data-centric approach to security naturally leads to discussions about the multiple layers organisations require today to counter the evolving threat of ransomware, including through data isolation, where a balance between security and agility is key.
AI/ML-powered threat detection and modern data protection
Gone are the days when the static detection of attacks, manual response, and siloed handoffs between infrastructure and security teams are sufficient to protect systems, data, and businesses.
In fact, the need to deploy Artificial Intelligence (AI)/ Machine Learning (ML)-powered detection and integrated remediation was ranked as the top requirement from an organisation’s security and execution strategy standpoint, in a brief survey conducted with select customers.
To stay ahead of the latest tech trends, click here for DigitalEdge Section
AI/ML-driven detection and analytics help organisations get ahead of the threats posed by data exfiltration of Ransomware 3.0. Having the ability to analyse and alert anomalies gives businesses an additional signal that an attack may be underway. This assists in accelerating operational response time to minimise risks and reduce the impact of an attack.
The next-gen data management approach
World Backup Day 2022 is not just another day. It serves as a great reminder that the threat of cyberattacks, and the complexity of hybrid and multi-cloud environments are creating unprecedented challenges for organisations in managing, protecting, and securing their data.
Many legacy systems utilised today to back up and restore data were designed decades ago and are unable to address these modern data protection and security challenges. Often, these antiquated solutions are closed, create standalone data silos, lack AI or ML for intelligent automation, and were not designed with cyber resilience in mind to cope with today’s sophisticated cybercriminals.
The time is now for the adoption of a next-gen data management approach that incorporates Zero Trust design principles to help enhance cyber resiliency, with the power of AI/ML to automate tasks intelligently — such as anomaly detection and data classification — to assist with data security.
Next-gen solutions should also provide extensibility. This will allow third-party applications and integrations (e.g., with SIEM/SOAR tools) to be brought to the data, further enhancing security and compliance while making it easy to extract additional value from data.
On World Backup Day, take time to not only evaluate your backup strategy, but also your data management strategy as a whole. It can make all the difference and help ensure your business remain resilient and be ready for a future where data continues to drive business innovation and competitive advantage.
Brian Spanswick is the CISO of Cohesity