As we approach the 11th year of World Backup Day in 2022 and look back at the past several years, what have we learned? Given the heightened state of alert recently raised by organizations like the U.S. Cybersecurity & Infrastructure Security Agency (CISA) and their Shields Up initiative, this begs the question: is your current backup solution meeting your organization’s data resiliency and cyber security protection needs for today and tomorrow?
These past couple of years have dramatically changed the landscape of attack frequency, what attackers are targeting, and most importantly, the ability to recover data — so this could be the most significant World Backup Day… ever.
As the threat landscape of ransomware advances, and the data footprints grow and expand, keeping all the data safe can be a challenge. In a recent ESG survey*, 52% of those surveyed said they are better prepared today than to two years ago, but there is more work to be done. So, where should you focus your efforts? Let’s first take a look at how these threats have evolved recently, and then look at why considering a next-gen approach to data management should be top of mind.
Security experts are seeing the evolution of ransomware into the following three areas:
Table 1 – Evolution of Ransomware
As you see from the table above, ransomware can take on many forms. The Ransomware 1.0 method is common — a fairly unsophisticated type of attack that typically can be addressed by traditional backup and recovery solutions. Moving to Ransomware 2.0, attackers started destroying backups first, then encrypting production data. This type of attack is designed to make it incredibly challenging to restore lost data, and there is almost no recourse to get it back but to pay the ransom. As a result, countermeasures such as snapshot immutability, administrative quorum approval for certain operations, and other next-gen data management and security measures are required to sufficiently defend the data protection environment itself.
Finally, and most recently with Ransomware 3.0, cyberthreat actors are now focusing on encrypting and exfiltrating, or stealing, data to expose it or sell it unlawfully as part of “double extortion” schemes. A cyberattack cannot only compromise your data, but it can cause long-lasting damage to the reputation of your business.
To protect your data and business reputation, in 2022 and beyond, you need strong countermeasures over what is typically available from legacy backup solutions. Take time today and evaluate your current backup environment.
Backup is a foundational component to an overall cyber resiliency strategy, and key to ensuring your organization is prepared for ransomware or other cyber security threats. Having a secure, clean, immutable copy of your data can better equip your business to defend your data and refuse the ransom.
To help reduce the impact of both Ransomware 1.0 and 2.0, Cohesity incorporates zero-trust principles into its underlying architecture. In addition to our data resiliency and robust access control, Cohesity Threat Defense architecture helps organizations converge data security and data management. This data-centric approach to security naturally leads to discussions about the multiple layers organizations require today to counter the evolving threat of ransomware, including through data isolation, where a balance between security and agility is key.
Having an isolated clean copy of data provides the organization with cyber resiliency. Data isolation techniques can include different methods such as archive to external storage targets like S3 or cloud storage, or the traditional isolated “tape out”. Each of these techniques have their unique benefits but often do not provide the right combination of agility and security that organizations need today to meet their demanding recovery SLAs.
Cohesity FortKnox is our upcoming SaaS solution that is designed to enable customers to maintain an isolated (aka virtual air gapped) copy of their data in a Cohesity-managed cloud vault to improve data resiliency in the face of ransomware attacks. This immutable copy can be quickly and easily recovered back to the source or an alternate location, in case of a ransomware attack. In addition to immutability, this gives customers another means to thwart attackers from attempting to encrypt their backup data.
We are past the days when the static detection of attacks, manual response, and siloed handoffs between infrastructure and security teams are sufficient to protect systems, data, and businesses. In fact, the need to deploy Artificial Intelligence (AI) / Machine Learning (ML)-powered detection and integrated remediation ranked as one of the highest requirements, from an organization’s security and execution strategy standpoint, in a brief survey done with select Cohesity customers.
AI/ML-driven detection and analytics helps organizations get ahead of the threats posed by data exfiltration of Ransomware 3.0. Having the ability to analyze and alert anomalies helps give businesses an additional signal that an attack may be underway: assisting in accelerating operational response time to minimize risks and reduce the impact of an attack.
World Backup Day 2022 is not just another day. It serves as a great reminder that the threat of cyberattacks, and the complexity of hybrid and multicloud environments are creating unprecedented challenges for organizations in managing, protecting, and securing their data.
Many legacy systems utilized today to back up and restore data were designed decades ago and are unable to address these modern data protection and security challenges. Often, these antiquated solutions are closed, create standalone data silos, lack AI or ML for intelligent automation, and were not designed with cyber resilience in mind to cope with today’s sophisticated cyber criminals.
The time is now for the adoption of a next-gen data management approach that incorporates zero trust design principles to help enhance cyber resiliency, with the power of AI/ML to intelligently automate tasks — such as anomaly detection and data classification — to assist with data security. Next-gen solutions should also provide extensibility, so third-party applications and integrations (e.g., with SIEM/SOAR tools) can be brought to the data, further enhancing security and compliance while making it easy to extract additional value from data.
On World Backup Day, take time to not only evaluate your backup strategy, but your data management strategy as a whole. It can make all the difference and help ensure you — and your business — remain resilient and ready for a future where data continues to drive business innovation and competitive advantage.
Learn more about Cohesity next-gen data management and protect your data and business reputation.
* The Long Road Ahead to Ransomware Preparedness – ESG a divisions of TechTarget, published as of March 28,2022