Is your organization one of the 85% that suffered a ransomware attack in the last year? Ransomware attacks are increasing in both frequency and intensity. Leading data protection provider, Veeam, states that based on their research, ransomware is increasing at approximately 12% year-over-year — so soon, nearly every business will have been targeted by a ransomware attack. So, the critical question for most businesses is: are you prepared to recover from a cyberattack?
Many businesses believe that they are. In fact, 87% of businesses report having a risk management program in place that addresses ransomware and similar cyberthreats. But, does that mean the program will work well when your business is under attack? That depends on how mature your risk management plan is and how security is handled in your business. Consider:
- Is security mainly a technical concern, handled by a single team?
- Does your business have a security champion at the C-level, who is able to allocate resources to ensure security of corporate assets, infrastructure and data?
- Do you have a cross-functional business team that includes security and IT professionals —among others — that addresses security to protect against both today’s threats and those that might arise in the future?
- Are you testing those plans for effectiveness and optimizing them as necessary?
How you answer these questions can help you determine how mature your company is in terms of security. Security Maturity can be defined by four mindsets:
- Initial: businesses in the initial mindset or phase of security preparedness have just scratched the surface of security issues. They may not recognize the importance, or think they are too small to be attacked, or just not have the resources to address cyberthreats. These businesses have no dedicated security budget or department or organization.
- Defined: businesses with a defined mindset view security as mainly a technical concern. They take preliminary security measures, such as use of firewalls and antivirus software, and their budget comes primarily from the IT department. In this mindset, security is siloed within the IT department and is rarely championed outside of IT.
- Managed: businesses with a managed security mindset view security as important to the business. It has resources allocated, usually both monetary and in terms of some sort of Cyber Incident Response (CIRT) team to manage recovery from an attack.
- Optimized: businesses with an optimized security posture view security as part of the business culture, and support optimal security with people, processes and tools. There is also often a C-level security champion within the business who creates a culture across the entire business of security awareness and preparedness, and both security and IT professionals work together to ensure that all facets of preparedness are managed.
The more mature your business security posture, the more likely you are to have a risk mitigation plan that enables a quick and full recovery from ransomware and other cyberattacks. The more security is “baked” into the culture of your business, the more aware your employees will be about security threats and issues, the more resources will be allocated to preventing or mitigating attacks, and the more holistic your security plans will be.
But what if today, your business is less prepared than current risks warrant? Half of businesses surveyed by Frost & Sullivan said that ensuring security and compliance of apps and data was challenging to them, while 48% said that implementing backup plans for apps and data was difficult. As a result, more than 60% of businesses surveyed plan to use a third-party partner for cybersecurity and recovery efforts by 2024. Your IT security partner should help your business increase its maturity posture. Let’s look at five areas.
- Multi-layered immutability: having immutable storage across your domain – in the primary storage, in your deduplication appliance, and in your backup repositories.
- Data mobility: the ability to restore your data to any target environment you choose, to get you back up and running faster.
- Comprehensive monitoring of the backup environment. While most businesses focus on observability in their production environment, smart cybercriminals are now targeting backup environments as well as main production environments. Choosing a provider that can monitor and mitigate threats to your backups and provide analytics about the health of your backup environment will ensure that your backups remain clean and available in the event of an outage in your business.
- Automation: automating the backup and recovery processes enables industry-low recovery time and point objectives, verification of the “cleanness” of your backup data before restoration, and documentation of your business’s failover and recovery plans, which change as you tweak your recovery plan.
- Recovery control: your chosen provider must offer you a variety of recovery options based on the level of your workload, with more than just a few preset levels to choose from. Whether its instant recovery of critical workloads or a higher RTO, or whether you are choosing how to recover your data — from storage snapshots to replicas—you need the ability to tailor your backup and recovery experience based on your workloads, and your business needs.
Cyberthreats to businesses may be mounting year-over-year, but your business risk can be minimized. By increasing your security posture and partnering with a partner who leads the industry in cyber-resilience, your business can be assured that recovery from cybercrime doesn’t have to break the business budget.
For more information, take a look at the six best practices you need to know about ransomware recovery.