When you hear the phrase, “the new normal,” what do you think of? Wearing masks? Yes. Social distancing? Yes.
Ransomware attacks? Yes, add that to the list too.
Businesses worldwide have scrambled to recover their mission-critical operations as hackers use malicious software to lock and encrypt files and/or steal data and threaten to release sensitive information to the public, or sell it on the dark web unless a ransom is paid.
Enterprises are often forced to pay millions of dollars to get their infrastructure up and running.
Ransomware can affect any business, across any industry. Just a few months ago, Howard University was forced to suspend online and hybrid classes due to a ransomware attack. The school had to shut down all networks for several days to investigate what type of sensitive information was taken. Students were also warned to not open any emails that contain requests to download data or share contact information. CNA Financial, one of the largest insurance companies in the United States, was also impacted by a ransomware attack earlier this year. The organization was unable to access their network and ultimately were forced to pay $40 million dollars to regain control after two weeks of outages.
So how does a business fight back?
First and foremost, organizations need to understand where their sensitive and confidential data is located as part of a preventative hygiene routine. But, this is not as easy as it seems. With the proliferation of personal devices, cloud storage, and remote workspaces, in addition to traditional data center locations where data resides, businesses are simply overwhelmed in managing their data—much of it effectively becoming “dark” from an IT operations perspective—which creates a growing liability.
To overcome these challenges, organizations need to be able to effectively detect and identify sensitive and confidential data. The right solution should be able to recognize at-risk data, automate and simplify data classification with predefined policies, and classify data and detect risks of overexposure based on the content, location, user and access behaviors through machine-learning (ML) and artificial intelligence (AI).
Identifying sensitive data also plays a role in how organizations meet compliance mandates. Regulations such as GDPR, HIPAA, and PCI have strict requirements for how data is stored and protected. If businesses are found to be non-compliant, the penalties are quite severe. It has been reported that over 800 fines and penalties have been enforced under GDPR to date with some of the largest fines estimated to be $59 million.
But it is not just hefty fines. Customers want to ensure that their private information is protected and that the companies they are working with have legal and ethical business practices. Compliance violations often push customers away, impacting brand reputation and ultimately, even revenues. Without customers to vouch for the credibility of the organization, the long-term damage can often be more costly than the fines.
To combat these risks, businesses need a solution that can provide effective compliance policy monitoring. Businesses should be able to select predefined policies to be run against data sources to identify which data is at risk or possibly out of compliance. The goal is to enable organizations to promptly identify compliance risks and then take the necessary steps for remediation.
Hackers are becoming more bold and are no longer solely focused on infiltrating a network and holding data and access hostage. Increasingly, they are accessing and removing sensitive or private information and then threatening to release it publicly—unless a large payment is made. And cybercriminals are not just outside the organization. Such thefts do occur through employees, who remove and store critical data on their personal devices and take it to a competitor or start their own company—such as with Anthony Levandowski in the Google vs Uber case.
To prevent unauthorized access and exfiltration, businesses need to implement a governance solution that can quickly detect abnormal behaviors. By identifying user access patterns on sensitive information, organizations can recognize malicious activities and take the necessary steps to identify the user(s) and respond quickly to an attack or theft in progress and minimize the potential harm of an attack.
As hackers and cybercriminals become more sophisticated and aggressive, Cohesity has expanded our Data Management as a Service (DMaaS) portfolio to help customers combat these growing threats. One of these offerings is Cohesity DataGovern, an as a Service solution that enables organizations to automate the discovery of sensitive data and detect abnormal access and usage patterns.
DataGovern uses ML-based classification technology to identify sensitive and confidential data. Organizations can pinpoint highly sensitive data, save time by reducing the number of false positives, and monitor cloud and on-premises data sources with near real-time scanning of both production and backup data.
DataGovern helps automate and simplify data classification with predefined policies for common regulations like GDPR, CCPA, and HIPAA. By setting event alerts with detailed forensics, remediation can be easy and efficient.
DataGovern monitors sensitive data for inappropriate access privileges, unauthorized data sharing, and other risky behaviors. The anomaly detection engine uses machine learning to identify suspicious activities in near real-time.
Now is the time to protect your organization from the threats of today and tomorrow. With Cohesity, organizations can identify risky data and minimize or even eliminate the impact of an upcoming potential ransomware and cyberattack.
To learn more about Cohesity DataGovern: