Rise in cyber threats demand new strategies for data recovery
We are more connected than ever in this digital era, and those connections are faster and increasingly more immediate. Advanced technologies are accelerating incredible achievements for businesses and consumers.
While technology offers significant benefits, it has also made it easier for those who seek to gain an advantage by exploiting others. Hidden in the digital web of interconnections are people intent on stealing your content or holding it to a hefty ransom for its return, making the information age a double-edged sword.
Today’s organizations need digital sentries and multiple lines of defense against cybercrime, which can devastate a business when it hits and impact it for years after the initial attack.
Ransomware has been steadily growing in prominence and impact since the 2017 WannaCry ransomware outbreak that infiltrated systems around the world. While criminals develop more advanced techniques, the fundamentals of ransomware remain the same. Attackers penetrate a network, find and encrypt data, and demand payment for a decryption key.
The threat of ransomware is increasing quickly. It’s not a question of “if” but of “when” you will face this challenge. Choosing between ransom payments or suffering data loss is costly and risky.
The impact of an attack is enormous, and the costs associated with cyberattacks, including lost business, insurance rate hikes, lawsuits, criminal investigations, and bad press, can even put a company out of business – and fast. Here are just a few of the many data breaches that occurred during the past two years and their costly toll:
- The New York Times reported that T-Mobile Reached a $500 Million Settlement in a Huge 2021 Data Breach: The company, which said the hacking had affected 76.6 million people, agreed to pay $350 million to settle claims and spend $150 million to bolster security.
- Insiders reported that global insurance provider CNA Financial forked over a reported mind-blowing $40 million post-cyber-attack last year.
- The Washington Post reported that a ransomware attack on U.S. software provider Kaseya in 2021 targeted the firm’s remote-computer-management tool and endangered up to 2,000 companies globally.
While there are many strategies for mitigating the risks associated with cyber threats, such as ransomware, each comes with challenges. Backup is a critical means of recovery, yet decades-old legacy enterprise backup solutions were not designed to handle the scale and complexity of today’s data. And this problem continues to grow. Terabytes of data are rapidly becoming petabytes to exabytes of data and beyond. IDC predicts the world’s collective data will reach 175 zettabytes by 2025.
Backup is Broken
Traditional backup as we know it is broken, and here’s why:
- Backups are periodically done in batches – when data recovery is needed, the last available copy could be more than 24 hours old, resulting in permanently lost data and/or recent changes.
- Backup is outdated – snapshot-based legacy backup software, developed decades ago, still uses agents to protect and recover virtual machines, resulting in high maintenance costs, time wasted on administration, or even failed recoveries.
- It’s expensive – aside from costs associated with impacts on production and resources, legacy backup requires multiple licenses, additional agent purchases, and increased IT infrastructure costs.
- Legacy backup tools are complex – they use distributed systems for data transfer, requiring dedicated hardware, extensive configuration, and a lot of IT time and resources.
- It’s disruptive – legacy backup jobs often don’t complete in time, disrupt production environments with unplanned downtime, and heavily burden already constrained IT resources.
And it’s slow – legacy backup copying processes place an enormous load on your production environment, causing network lag and downtime.
A New Backup Paradigm to Recover Data Instantaneously
What’s needed is continuous data availability. This approach would provide a strong first line of defense against cyber threats, enabling organizations to recover compromised data easily and almost instantly. And yet, continuous data availability has been out of reach given the weaknesses of traditional backup. Business leaders have been forced to accept levels of data loss, measured by recovery point objectives (RPO), and downtime, measured by recovery time objectives (RTO).
Traditionally, backup occurs outside the operating system data path. As data volumes increase exponentially – both in the number of files and the amount of data generated – backup systems that scan file systems are no longer feasible, particularly as we enter the realms of billions of files and petabytes or more data.
A new approach would make the file system and backup one and the same. As a result, every change in the file system would be recorded as it happens, end users could recover lost data without the assistance of IT, and finding files would be easy, regardless of when they may have existed, and across the entire time continuum. Such an approach would redefine enterprise storage by converging storage and data resilience into one system. Every change that occurs in the data path would be captured. This approach would not require decryption keys, users could just unwind ransomware events with a single operation.
Current backup and recovery solutions are not where the world needs them to be, but that doesn’t mean we should settle for less. In 2023, there will be an increased focus on the “first line of defense,” where cyberattacks are stopped altogether or can be swiftly unwound without recourse to backups. Instead of taking hours, days, and sometimes weeks or more, recovery would take place almost immediately.
Backup that sits within the operating system data path could enable continuous data access. This method could provide unprecedented data protection, making it possible to approach the ideal of zero RTO, giving users control of searching and recovering data immediately without IT assistance, and an RPO of zero, eliminating the significant cost and impact of data loss and interrupted data access.
Anything more is a compromise that exposes organizations to increased risk of data and financial loss. Companies should push vendors to achieve zero RPO and zero RTO and seek out solutions that achieve those objectives.
Resource : https://www.securityinfowatch.com/cybersecurity/information-security/breach-detection/article/21294365/rise-in-cyber-threats-demand-new-strategies-for-data-recovery
Your article helped me a lot, is there any more related content? Thanks!