Immutable storage key to cybersecurity, says Scality survey

Tue, 12th Mar 2024

Scality, an international leader in secure and sustainable data storage software, released a survey today shedding light on the role of immutable data storage in organisational cybersecurity strategy. The poll, conducted among 500 IT decision-makers in France, Germany, the UK, and the US by independent survey agency Vanson Bourne, revealed that 94% of IT leaders either currently use immutable data storage or plan to implement it within the next year. Additionally, 69% consider this form of data storage fundamental to their corporate cybersecurity, while only 12% of those who deployed it believe that it's not essential.

Ransomware threats are now seen as inevitable by organisations, leading to greater reliance on immutable data storage as a key component in their cybersecurity toolkit. Immutable storage ensures that data cannot be deleted or modified after being written, thereby offering increased data security and enabling organisations to restore data with 100% accuracy in the event of a breach. This is particularly crucial given data showing that 1 in 4 organisations that pay a ransom never recover their data, and a mere 16% manage to do so without paying a ransom.

The study further compared responses from various industries and countries, disclosing some interesting variations. For example, manufacturing organisations (95%) were found to be most likely to implement immutable storage, with 84% considering it vital to their cybersecurity. On the other hand, financial services firms reported the lowest reliance on such storage, with 60% deeming it indispensable for their corporate cybersecurity.

Geographical differences were also evident. The US had the highest level of current or planned immutable storage deployments (98%), followed by France (96%), Germany (94%), and the UK (85%). A small number (12%) of global IT leaders currently using immutable data storage did not view it as crucial to their cybersecurity strategy. This sentiment was more pronounced in the UK, where 24% of respondents have implemented it but do not see it as essential, compared to 11% in France, 9% in the US, and 6% in Germany.

Dave Russell, VP of Enterprise Strategy at Veeam Software, emphasised the importance of true immutability. He stated, "Widespread deployment of immutable storage reinforces an increased awareness of the critical role secure backup plays as an active defence against cyberattacks..." He further highlighted the opportunity for IT leaders to bolster their cyber resilience through "Zero Trust Data Resilience with immutable storage implementations that are indeed truly immutable."

However, the survey noted that not all forms of immutability provide the same level of protection. True object storage solutions are inherently immutable at the architectural level, offering optimal protection. In contrast, other solutions introduce time delays before data is immutable, which could leave a small window of exposure. Recognising this difference could drastically enhance a company's defence against ransomware attacks.

Paul Speciale, CMO at Scality, insisted that immutable data storage acts as an "insurance policy against ransomware." He argued that a quick restoration from an immutable backup could determine whether a ransomware attack is successful. He cautioned that "without storage that’s truly immutable, you’re vulnerable to cybercriminals’ demands."

The survey revealed that 85% of UK respondents either currently rely on, or plan to implement, immutable storage within 12 months, the lowest of the four surveyed regions. Among UK respondents across all vertical markets, 47% consider immutable storage central to their corporate cybersecurity strategy. In the IT, technology, and telecoms sector, this figure rose to 54%, the highest score among all sectors surveyed in the UK.