sb-as logo
Story image

StorageCraft report suggests firms need a 'ransomware reality check'

12 Dec 2019

It’s time for a ‘ransomware reality check’, because having a recovery plan and actually making sure it works are two entirely different things.

A recent survey of 700 companies in Australia, France, Germany, North America, and the UK found that 68% of respondents have a ransomware recovery plan, yet almost a quarter (23%) don’t test those plans, and 46% test them once a year or less.

The research shows that having a plan just is not enough, suggests StorageCraft vice president of marketing and product management, Shridar Subramanian.

 “Even though ransomware continues to be a scourge on business, with a reported 118% increase of incidents in the first quarter of this year alone, our research shows too many organisations are ill-prepared to protect against it. They must take a reality check and assess and test their ability to protect and recover from a ransomware attack.”

Research results also found that an overwhelming 86% of respondents confirmed they suffered data loss in the past year, with over a quarter (27%) suffering data loss in the last six months.

The research also uncovered issues around the budget and complexity of IT infrastructure, which will add to the challenge of ransomware preparedness.

Almost half (46%) say they don’t have the budget to manage their data and recover from a failure adequately.

However, 49% of respondents reported they have between 3 and 5 different types of systems to manage and protect data. Thirty-three percent have six or more different types of systems.

StorageCraft recommends that organisations assess and test their plans for ransomware prevention, remediation, and recovery.

Critical elements of a successful plan for ransomware remediation and recovery include:

Immutable Snapshots: To ensure unstructured data can be recovered, companies should protect their information with continuous immutable snapshots. Data captured this way is ‘frozen’ and cannot be overwritten or deleted by ransomware attackers. This ensures an organisation can revert to a secure set of data.

Orchestration: A successful recovery process requires that business-critical data and applications are prioritized. Companies using cloud-based recovery should pre-determine the order in which their data and applications will be recovered. This ‘orchestration’ ensures minimal downtime, once data recovery begins.

Immediate Recovery: Considering one minute of downtime costs $5,600 according to industry analyst firm Gartner, the speed of recovery following a ransomware attack is a crucial element of the remediation and recovery process.

Failback: After a successful cloud-based recovery, the last step in remediating a ransomware infection is returning the data infrastructure to its original location and resuming operations as usual. The planned failback process should have a minimal impact on production applications to minimise any additional downtime and adverse effect on the business.

Story image
Service providers seek better networking and security integrations
Network and security convergence is an increasing focus for service providers, new research from Juniper Networks shows.More
Story image
Trend Micro adds cloud-native container security to Cloud One Services Platform
Designed to ease the security of container builds, deployments and runtime workflows, the new service helps developers accelerate innovation and minimise application downtime across Kubernetes environments.More
Story image
One Identity reaches out to SolarWinds customers following breach
According to the company, this free assessment seeks to help organisations navigate through times of uncertainty as attacks continue to grow in sophistication and complexity across the broad range of identity-centric risks.More
Story image
APAC secure content management market to hit $2.2 billion by 2024
The proliferation of cloud-based deployments will largely drive this, the report says, as the COVID-19 pandemic motivates more enterprises to move their workloads to the cloud and rely more on the internet. More
Story image
App security not keeping up with rapid development — Radware
“With more than 70% of respondents reporting that their production apps have already left the data centre, ensuring the security and integrity of these data and applications is becoming more challenging, particularly in multi-cloud environments.”More
Story image
Kaspersky steps in to protect automotive industry from cyber threats
The company’s TI report, previously available for a selected range of customers, is able to provide car manufacturers with in-depth analysis of industry-specific security threats.More