Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cloud
    • Cloud
    • Cybersecurity
    • IT Management

    Security and Backup Alignment Critical to Ransomware Recovery

    Despite the critical role that backups play in data recovery, the majority of business lack proper collaboration with their security team.

    By
    Zeus Kerravala
    -
    May 31, 2022
    Share
    Facebook
    Twitter
    Linkedin
      data privacy

      Ransomware continues to plague organizations all over the world. The most common entry points of ransomware into enterprise IT environments are phishing emails, malicious links, and dubious websites, according to Veeam Software’s 2022 Ransomware Trends Report.

      The provider of backup, recovery, and data management solutions found that 44 percent of organizations have experienced such cyberattacks in the past year, while 41 percent named infected patches and software packages as the other ransomware culprits.

      Veeam surveyed 1,000 independent IT leaders in 16 countries to determine the impact ransomware has had on various organizations. All respondents experienced at least one cyberattack in 2021, with many experiencing at least two attacks. Approximately half (47 percent) of their data was encrypted by ransomware.

      Also see: The Successful CISO: How to Build Stakeholder Trust

      Ransomware Attacks are Rampant

      Once bad actors enter the IT environment, they typically target mainstream platforms like backup repositories (94 percent) and production platforms (80 percent). Many ransomware attacks are based on known vulnerabilities within mainstream hypervisors and operating systems or database servers. Hence, organizations should have broader conversations not only with their cybersecurity team, but also database administrators to ensure that database servers are secure, hypervisors are patched, and updates are routinely administered.

      Veeam also surveyed 3,393 organizations in a separate 2022 Data Protection Trends Report. According to those findings, 76 percent of organizations have experienced at least one ransomware attack last year, while 24 percent either avoided attacks or weren’t aware of an attack. This data underscores the fact that ransomware attacks are extremely common and affect most organizations.

      Paying Ransom Does Not Guarantee Recovery

      The most shocking data points in the study revolved around what happens when customers pay for the ransom. Only about half (52 percent) of those with encrypted data successfully recovered their data when the ransom was paid.

      A whopping 24% of organizations were not able to get their data back, even when the ransom was paid. When paying ransom, most (72 percent) organizations used some form of insurance. Fifty-seven percent of respondents said they have cyber insurance that includes ransomware coverage, 30 percent have cyber insurance without ransomware coverage, and 13 percent don’t have cyber insurance.

      The likelihood that organizations will pay a ransom following a cyberattack is high, not only because they value their data but also to avoid remediating significant portions of their infrastructure. Veeam’s ransomware report found most organizations were able to start remediation either the same or the following day. Those respondents said recovery took an average of 18 days to complete.

      The usual remediation options for ransomware are either restoring from backups or paying a ransom to recover data. Restoring from backup can result in data loss if an organization doesn’t have the right capabilities in place. Organizations should have tested and secure backups that can be restored quickly. For this reason, a backup infrastructure should be part of every organization’s cybersecurity defense plan.

      It’s important to understand the difference between protecting backup repositories and having clean data within the repositories. Just because a repository is protected doesn’t mean the contents are malware-free. Using clean backups is key to successful recovery. Nearly a third (31 percent) of organizations surveyed by Veeam relied on immutability, while 46 percent used a sandbox and 36 percent restored directly to production and then scanned for safety.

      Also see: Secure Access Service Edge: Big Benefits, Big Challenges

      Good Backup Strategies Lead to Ransomware Protection

      Secure backup is the last line of defense against ransomware. Organizations should have at least three copies of data on two different media with one copy being offsite, one being offline, air-gapped, or immutable. By applying this modern 3-2-1-1-0 rule, organizations can be better prepared to deal with cyberattacks, especially as the threat of ransomware keeps growing.

      Luckily, 95 percent of organizations now use at least one method of retaining isolatable backup data. The report found 74 percent of organizations use some type of cloud-service and 67 percent use on-premises storage.

      Most organizations use a combination of cloud services and tape data storage, which is a lower cost alternative to other storage solutions. Smaller organizations are likely to choose cloud services, while large enterprises are more selective when it comes to long-term data retention due to scale and regulatory challenges.

      While backup is fundamental to data recovery, the alignment between cybersecurity and backup teams is currently lacking at most organizations. In fact, 52% of the respondents said their organization needs to make significant improvements for cybersecurity and IT backup teams to collaborate successfully.

      Therefore, in addition to having backup solutions and comprehensive disaster response plans in place, sharing those plans with other security teams is what will help organizations improve their incident response.

      Also see: Best Website Scanners 

      Zeus Kerravala
      https://zkresearch.com/
      Zeus Kerravala is an eWEEK regular contributor and the founder and principal analyst with ZK Research. He spent 10 years at Yankee Group and prior to that held a number of corporate IT positions. Kerravala is considered one of the top 10 IT analysts in the world by Apollo Research, which evaluated 3,960 technology analysts and their individual press coverage metrics.

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×