Backing up enterprise data can reduce the effects of ransomware or a data breach. After experiencing a ransomware attack, 83% of victims paid to restore their data — preparing for cyberattacks in advance by conducting frequent data backups may help reduce these costs.
Spreading awareness about data backups is the mission of World Backup Day, which began in 2011. For World Backup Day 2022, Security magazine spoke with security leaders about the importance of enterprise cybersecurity.
Jon Check, Executive Director of Cyber Protection Solutions at Raytheon Intelligence & Space:
The Great Resignation has, subsequently, turned into the Great Exfiltration — the people leaving their jobs en masse may also be taking company data with them. In light of the Great Exfiltration, it is vital for organizations to create and implement a robust data loss prevention (DLP) strategy to prevent any exfiltration or destruction of data, whether intentional or accidental.
This year on World Backup Day, we are reminded that while there are many facets to a successful DLP strategy, one key component is ensuring that backups are performed frequently and stored in a secure location, which can help speed up the recovery time. It is also helpful to store backups offsite or at a secure network location in the event of data loss spurred by ransomware or another malicious attack, which may also target a backup system or prevent the recovery of a system.
John Fung, Director of Cybersecurity Operations at MorganFranklin Consulting:
Fung recommends following these three strategies when building a robust backup program:
- Strong Procedures: To ensure backups are made regularly, which minimizes potential data loss, they should be automated and performed regularly. Organizations should also include backups in compliance policies and procedures.
- Focus on Location: Ransomware commonly targets backups to prevent companies from restoring them rather than paying a ransom. That is why backups should be stored offline or in a read-only format. Ideally, backups should also be geographically distributed. That way if a natural disaster or power outage knocks out an organization's primary systems, the backups provide immense benefits.
- Comprehensive Testing: Backups and restoration procedures should be tested regularly to identify technology and security issues. This ensures that both the backups and the primary database are secured. Cybercriminals will search for "low-hanging fruit," and an unprotected backup is easier to steal and just as valuable.
Florindo Gallicchio, Managing Director, Head of Strategic Solutions at NetSPI:
This World Backup Day, it’s time to acknowledge how critical data backup has become, especially since many ransomware strains attempt to delete backup files, as we witnessed with Ryuk. Most businesses are faced with two significant risks when it comes to backups: the theft and public disclosure of sensitive data, and the disruption of critical business functions. If either of these risks occur, organizations could endure devastating consequences. To make sure that doesn’t happen, organizations need to proactively put strategies in place to bolster protection against these threat actors.
One way to do this is by ensuring that backups with all of the organization’s critical data are routinely, completely, and securely assessed –– as this is a necessary step in recovering from a possible ransomware attack. These backups should be encrypted so that sensitive data is not disclosed and stored in such a way that an organization can recover its data in a timely manner, as this is necessary to minimize disruption to business operations. Additionally, organizations should regularly revisit and test disaster recovery and business continuity plans to validate that ransomware and other threats won't impact the integrity of any backups.
Finally, any highly important, sensitive data should be stored on an entirely separate network from the internal network. That way, if ransomware targets the desktop network, it cannot spread to the critical systems and cause complete chaos. While this is a long-term and challenging strategy, it’s well worth the time and investment for organizations to counter the continuous risk of critical data loss.
Adrian Moir, Technology Evangelist and Principal Engineer at Quest Software:
As another World Backup Day rolls around, organizations need to focus on three different areas in relation to backup: proactivity acquired through immutability and access control, shared cloud security responsibilities, and cost optimization as data volumes skyrocket.
Recovering data from a backup after a ransomware attack is the cure to the problem, but prevention will always be better than a cure. Data must be secured from both a data and an access point of view, which can be done through multi-factor authentication (MFA), obfuscating data sets, data encryption, immutable data and more. With plenty of solution options out there, organizations should choose to provide the level of immutability and access control needed to proactively stop ransomware attacks before they happen.
Most businesses assume their data security is totally in the hands of their cloud providers, which can lead to unfortunate situations when data is not backed up. This is why organizations must follow the shared responsibility model, which discourages the "out of sight, out of mind" attitude and reduces the risk of lost data. Unfortunately, those following the model struggle with backups from the cloud because data is stored in slow object Blob storage and the system is designed for the endpoint user — not the IT admin’s backup experience. Going forward, we expect to see new approaches to APIs that provide faster data restoration and give cloud users more control and speed over their backups.
Data is growing at a rapid, exponential pace, so much so that some businesses can’t afford to protect everything. To reduce a negative impact on revenue and reputation, organizations must make informed decisions about which data systems are essential for running backups. Understanding the data set and then intelligently planning for when things go wrong allows organizations to recover prioritized data faster and optimize how and where money is being spent. By focusing on these three areas, organizations can ensure that they have an effective backup process to improve their data resilience across the organization.