See all Intelligent Security Summit on-demand sessions Here.
Most IT environments don’t seem to connect the dots when it comes to ransomware and the importance of a good protection system.You can easily guess by reading this Recent IDC Survey Over 500 CIOs from 20+ industries worldwide participate.
The most notable statistic in the IDC report is that 46% of respondents were successful. Ransomware attack in the last three years. This means that ransomware has become the main reason why large-scale data recovery must be successfully performed, leapfrogging natural disasters. Years ago, hardware failures were the primary reason for such restores. A disk system failure often meant a full recovery from scratch.
With the advent of RAID and Erasure Coding, everything changed as natural disasters and terrorism came to the fore. However, unless you live in a particular disaster-prone area, the odds of a single company being hit by a natural disaster were actually very low.
loss of money, loss of data
That 46% basically means that the chance of being hit by ransomware is a coin toss.Worse, 67% of respondents said that he ransom, and 50% of the data was lost. Some commenters downplayed the 67%, possibly suggesting that these organizations were responding to a ransomware tactic known as extortionware.
In this scenario, the company receives a request such as “Give me $10 million or I’ll expose your organization’s worst secrets.” However, even setting that statistic aside, the fact remains that half of the organizations hit by ransomware lost critical data. That’s two coin tosses. As they say, this is not good.
Are you ready to attack?Maybe no
The story gets even worse. Surprisingly, the same organizations that lost their data under attack seemed to greatly appreciate their ability to respond to such events. First, 85% of respondents claimed to have a cyber-her recovery playbook for intrusion detection, prevention, and response. Ask any organization if they have such a plan and chances are they’ll say “absolutely.”
In fact, you might even ask what’s going on at 15%. They’re like his fifth dentist in an old Dentyne commercial. If your organization lacks a cyber recovery plan, we hope the fact that so many companies are being attacked will motivate management to make that change.
organization should be allowed being attacked by ransomware. After all, ransomware is an evolving field, and fraudsters are constantly changing their tactics to gain momentum. What’s hard to understand is that 92% say their data resiliency tools are “efficient” or “very effective.” It goes without saying that an efficient tool should be able to recover your data without having to pay the ransom, and never lose your data.
Minimize attack damage
Detection, response, and recovery have several important parts. ransomware attackDesign your IT infrastructure to prevent attacks, such as denying the use of new domains (stopping command and control) or limiting internal lateral movement (minimizing the ability of malware to spread inside). damage can be minimized. But a ransomware attack requires the use of many tools that are far more efficient when automated.
For example, you can go from restricting lateral movement to completely stopping all IP traffic. If the infected system can’t communicate, it can’t do any more damage. Once you have identified and shut down the infected system, you can begin the disaster recovery phase of bringing the infected system online and ensuring that the recovered system is also uninfected.
the power of automation
The key to achieving all this in the shortest possible time is automation. Tasks can be completed instantly and simultaneously. A manual approach causes more downtime as the infection spreads through his IT environment. Everyone agrees that automation is key, with 93% of his IDC survey respondents saying they use automated recovery tools.
As such, nearly 9 out of 10 respondents say their data resilience tools are efficient and automated. But if this were true, half of those attacked wouldn’t have lost their data. ransom.
So what does this mean? The biggest point is that you need to check your environment. Do you have a plan for responding to a ransomware attack? Will you shut down your environment immediately to limit further damage while it’s being investigated? Can infected systems automatically recover as well?
If the chance of being hit by ransomware is the same as a coin toss, now might be the time to take off your rose-tinted glasses and get to work.
W. Curtis Preston is Druva’s Chief Technical Evangelist..
data decision maker
Welcome to the VentureBeat Community!
DataDecisionMakers is a place for data professionals, including technologists, to share data-related insights and innovations.
Join DataDecisionMakers for cutting-edge ideas, updates, best practices, and the future of data and data technology.
you might also think Article Contribution Your own!