New GDPI Highlights Risk of Ransomware to Traditional Data Protection

It’s not easy writing about ransomware without some measure of doom and gloom. It seems like every day we are reminded about the impact cyberattacks are having on the way people live and conduct business. The damages extend far beyond corporate boardrooms or balance sheets to cause mass disruption across our society, impacting utilities and even food and medical supply chains.  And if we have learned anything from the events of 2020, it’s that we need to be ready for anything. 

While there’s no shortage of stats and projections painting a dark picture of the financial impacts and reputational damages resulting from a cyberattack, many reports fail to make an impression on those on the front lines tasked with protecting their organizations from ransomware and other sophisticated cyber threats.

The 2021 Dell Technologies Global Data Protection Index took the approach of surveying global IT decision makers to get a better understanding of how organizations are combatting increased data protection challenges and cyber resiliency threats. 

Interestingly, the survey revealed organizations are continuing to make advancements in digital transformation despite a low-level of confidence with respect to their data protection readiness and their ability to recover from ransomware attacks. 

It is something of a cruel irony (and an increasingly costly paradox!) that while data is universally regarded as the essential ingredient for driving innovation, it is also the most vulnerable asset within the IT estate. The proliferation of cyber threats, the growth of multi-cloud computing, the distribution of traditional and cloud-native workloads across edge, core and cloud environments and the emergence of newer technologies like AI/ML have converged to create a perfect storm of IT complexity. The increase of remote work has only exacerbated these challenges even further. 

Consider just the following three data points from the GDPI research:
 
  •  82% agreed that their organizations data protection solutions won’t meet all future business challenges
     
  •  74% have seen increased risk of cyber threats with the growth of employees working from home
     
  •  67% are not very confident that all business-critical data can be recovered in the event of a destructive cyber attack
Clearly, the complexity caused by the scope and scale of data protection and the attack surfaces for cyber threats is dramatically increasing (and is blurring the lines between traditional data protection and cyber resiliency). Ensuring cyber resiliency, a holistic strategy to identify, protect, detect, respond and recover from ransomware and other cyberattacks for example, requires multiple layers of protection to ensure that critical data is protected and isolated from these attack surfaces. Within this protected framework, it can be recovered with confidence following a ransomware attack, to accelerate the restoration of the normal business operations. 
Likewise, protecting cloud-native applications, Kubernetes containers and SaaS workloads further contributes to modern data protection complexity. And of course, protecting data reliably, consistently and efficiently across multiple public cloud environments makes data protection harder still. 
What’s more, most IT planners are not confident their current data protection solutions will meet all future challenges.  Emerging technologies like AI/ML and IoT combined with the projected explosion of data volumes on the edge will present significant data protection challenges for organizations of all sizes. On the positive side, AI/ML can also be leveraged within modern security strategies and solutions and services to integrate security products, solutions together to provide a holistic and resilient approach to modern data protection and security.  
For many organizations, the complexity of protecting emerging technologies is only compounded when they have to resort to working with multiple data protection vendors to gain the cyber resiliency and data protection they need across hybrid, multi-cloud and edge environments. Unfortunately, this complexity often comes at a staggering cost; organizations that rely on multiple data protection vendors experience a 66% increase in data loss compared to those organizations working with a single vendor.
Overall, the 2021 GDPI tells a cautionary tale but also provides evidence of how to get out in front of those issues that can lower confidence and slow your transformation.  
Understanding the stakes involved in today’s data-driven world, progressive organizations are adopting cyber resiliency strategies to combat the threats of ransomware and other cyberattacks. Achieving a cyber resiliency strategy, incorporates people, process and technology into a holistic framework that protects an entire business, organization or entity. 

Where does Cyber Recovery Fit into Your Data Protection Strategy?

While organizations should be commended for investing in emerging technologies to drive digital transformation, they come with modern threats that can only be addressed with modern solutions. Organizations need to realize that the same data that drives their business and fuels transformation efforts is the same data that cyber criminals are after. Organizations need to adopt modern data protection solutions to keep up with the pace of their consumption of emerging technology. Traditional data protection is still needed, but as the GDPI illustrates, is inadequate and wasn’t designed to address these modern complexities and the emergent threats of ransomware and other attacks. 

Cyber Recovery distinguishes itself from traditional backup and Disaster Recovery (DR) in several ways. It provides additional layers of physical and logical security at both the solution, system and data/file level to ensure critical data can be preserved with integrity, confidentiality and to ensure it is available when needed for recovery. 
Cyber Recovery is focused on protecting and isolating critical data away from cyber threats and attack surfaces within a secure immutable data vault and then enabling the recovery of that data vault when and if necessary.  Cyber Recovery goes beyond DR plans by addressing the cyber threat to critical data but at the same time complementing DR plans which protect against other outages. 

Recovery from a destructive cyberattack solves for a different type of disaster and can be very different from recovery from a power outage, fire, flood or terrestrial event. Cyberattacks are typically not limited to a specific location so their impact can often be felt globally, even with traditional DR solutions in place. For this reason, logical segregation of infrastructure, along with physical separation, to limit the spread of malware and reduce the surface of attack is typically more effective than having regionally dispersed data centers.

Recovery procedures can be more involved and iterative due to additional forensics working with cyber security teams. Hence, adopting a fast and reliable recovery solution is critical to an organizations ability to get back on its feet and restore business continuity. While ransomware and other forms of cyberterrorism may continue to wreak havoc on many, accepting defeat as a foregone conclusion is not the answer.  Innovations in modern data protection and cyber recovery give reason for organizations to be optimistic about the future. 

Being confident in your organization’s ability to recover from a disruptive cyber event is a key enabler in building cyber resilience. To the degree that you believe, at least on some level, that data or information are a critical ingredient in the mission of your organization and to its very operation, then it is absolutely critical that organizations are proactively implementing technologies, which are supported by tested and documented recovery programs, to form a last line of defense for the business. To deliver business-level cyber recovery at speed and scale, it’s imperative to mature the cyber recovery program of the organization, tightly aligning recovery procedures with the criticality of specific business processes or application to normal business operations. This enables the core functions of the business to get back up and running as quickly as possible – which is of course, the entire point!
 
Sign in to Spring ITAPA 2022
Páčil sa ti článok? Zdieľaj ho a povedz o ňom aj ostatným