sb-as logo
Story image

StorageCraft report suggests firms need a 'ransomware reality check'

12 Dec 2019

It’s time for a ‘ransomware reality check’, because having a recovery plan and actually making sure it works are two entirely different things.

A recent survey of 700 companies in Australia, France, Germany, North America, and the UK found that 68% of respondents have a ransomware recovery plan, yet almost a quarter (23%) don’t test those plans, and 46% test them once a year or less.

The research shows that having a plan just is not enough, suggests StorageCraft vice president of marketing and product management, Shridar Subramanian.

 “Even though ransomware continues to be a scourge on business, with a reported 118% increase of incidents in the first quarter of this year alone, our research shows too many organisations are ill-prepared to protect against it. They must take a reality check and assess and test their ability to protect and recover from a ransomware attack.”

Research results also found that an overwhelming 86% of respondents confirmed they suffered data loss in the past year, with over a quarter (27%) suffering data loss in the last six months.

The research also uncovered issues around the budget and complexity of IT infrastructure, which will add to the challenge of ransomware preparedness.

Almost half (46%) say they don’t have the budget to manage their data and recover from a failure adequately.

However, 49% of respondents reported they have between 3 and 5 different types of systems to manage and protect data. Thirty-three percent have six or more different types of systems.

StorageCraft recommends that organisations assess and test their plans for ransomware prevention, remediation, and recovery.

Critical elements of a successful plan for ransomware remediation and recovery include:

Immutable Snapshots: To ensure unstructured data can be recovered, companies should protect their information with continuous immutable snapshots. Data captured this way is ‘frozen’ and cannot be overwritten or deleted by ransomware attackers. This ensures an organisation can revert to a secure set of data.

Orchestration: A successful recovery process requires that business-critical data and applications are prioritized. Companies using cloud-based recovery should pre-determine the order in which their data and applications will be recovered. This ‘orchestration’ ensures minimal downtime, once data recovery begins.

Immediate Recovery: Considering one minute of downtime costs $5,600 according to industry analyst firm Gartner, the speed of recovery following a ransomware attack is a crucial element of the remediation and recovery process.

Failback: After a successful cloud-based recovery, the last step in remediating a ransomware infection is returning the data infrastructure to its original location and resuming operations as usual. The planned failback process should have a minimal impact on production applications to minimise any additional downtime and adverse effect on the business.

Story image
AWS launches fully-managed fraud detection service
Businesses lose billions of dollars to online fraud every year, however businesses respond by investing in cumbersome fraud management solutions that often rely on hand-coded rules and are difficult to keep up to date.More
Link image
The wide world of data: Clear, actionable insights in one hub
Whether you’re interested in modern data warehouses or data ingestion and collection, this is your one-stop hub for creating strategies that deliver data insights that you can take action on.More
Story image
Fortinet scoops commercial marketplace award at Microsoft partner awards
The win underscores its "commitment to enable easy and secure deployment of SaaS, VM or container security solutions" to protect Azure workloads and applications.More
Story image
Global spending on cybersecurity to grow by almost 6%
Even if the global economy worsens and IT budgets suffer, the cybersecurity market will still grow by at least 2.5%, according to a new report by Canalys.More
Story image
Why answering the question of orchestration vs automation will improve your security effectiveness
Organisations are looking to improve their security operations effectiveness, efficiency, and staff satisfaction, with security, orchestration, automation and response (SOAR) fast becoming a trending approach. More
Story image
Forescout and ServiceNow advance tech partnership to protect critical infrastructure
Forescout and ServiceNow have announced they are advancing their partnership for enhanced operational technology (OT) and industrial IoT capabilities, with an aim of helping organisations to protect critical infrastructure from cyber threats.More