printer friendly version

Secure backup strategies imperative for business continuity

In the Middle East and Africa, only 14% of organisations experienced no ransomware attacks in 2022, according to the Veeam Data Protection Trends Report 2023. This is evidence that cybercrime is on the rise, and businesses need to adjust how they manage their data to fend off attackers, or risk irreparable damage, writes Lisa Strydom, Senior Manager Channel and Alliance for Africa at Veeam Software.

Lisa Strydom.

In South Africa, in particular, cybercrime threatens business continuity and costs the economy more than R2.2 billion annually¹. Alarmingly, Interpol suggests that South Africa boasts the highest number of threats on the continent and, shockingly, third in the world².

Cyberattacks have emerged as the top threat to businesses, forcing a re-evaluation of data security policies, with a particular emphasis on ensuring that data is properly backed up, so that organisations can dependably recover data after a crisis and eliminate the risk of data loss. Verifying backup data is essential to a successful recovery, owing to the yearly growth in ransomware attacks. Without secure, immutable and verifiable backups, organisations run the danger of data loss and increase their risk of having to pay a ransom.

This threat is further stressed in the Veeam Data Protection Trends Report 2023, where, in 2021, 76% of organisations were successfully attacked by ransomware at least once, and in 2022, this number leapt up to 85%.

To ensure that organisations do not become victims of attacks, terms such as ransomware preparedness and cyber resilience are often bandied about, but do we know what these mean?

While the two work hand-in-hand, there are distinct differences; with ransomware preparedness specifically referring to the measures organisations need to put into place to prevent a ransomware attack, while cyber resiliency refers to the measures an organisation takes to get up and running after being attacked.

In the industry, we talk about data being the new oil – a high-value commodity. It is a critical component of any organisation, and any loss or breach of it may result in irreparable damage, including loss of revenue, reputation damage, or regulatory and compliance negligence that could see the issuing of hefty fines.

The Veeam Ransomware Trends Report 2023 explored this topic further by surveying 1200 IT leaders who experienced ransomware attacks. While 80% of respondents acknowledged paying, one-fourth of them still could not recover their data even after paying the ransom. Only 59% of encrypted or destroyed data was recoverable after an attack, highlighting that some of the data is not readable, and as a result, organisations end up not being able to use the data again.

A secure, immutable backup is an organisation's best line of defence, and to bolster its data defence arsenal, implementing the 3-2-1-1-0 backup strategy should be considered. This means storing three copies of the data on two different media types. One copy should be stored offsite and one copy offline – air-gapped media or immutable storage within disks or clouds – to ensure survivability that the backup does not contain malware and cannot be tampered with by an attacker.

Lastly, with 56% of respondents to the Ransomware Report telling us that reinfection during data restoration happened to them, the zero relates to ensuring that the data has been verified as being able to be restored with zero errors. Staged restorations, to prevent re-infection during recovery are the secret to ensuring the recovery process does not re-introduce malware or corruption. Hybrid IT architectures for recovering to alternative platforms, like any other BC/DR strategy, also deliver additional redundancy and resilience.

Global organisations point out several challenges when it comes to adequately securing their data. This includes a lack of sufficient tools, resources and skills and believing that ransomware defences are costly.

While the cost of solutions from trustworthy data protection experts may seem high, keep in mind that paying a ransom could have catastrophic financial repercussions for the organisation, even if the attackers release the data once the ransom is paid. Additionally, there could be repercussions from the breach, such as violating compliance laws in relation to the GDPR or PoPIA. Many people would be hesitant to complete the transaction without a full warranty to ensure the vehicle runs smoothly and unhindered for years to come, and the same can be said for data protection. A ransomware warranty does not guarantee that it can solve every ransomware problem. However, it forms an important part of an operation’s ransomware recovery strategy.

At Veeam, we recently launched a Ransomware Recovery Warranty. In the event of a verified ransomware attack, and given that customers have followed the correct procedures, the company will cover the data recovery cost of up to US$5 million.

With 85% of organisations increasing their data protection budgets this year, some by as much as 6,5%, creating a secure backup strategy is a business imperative to mitigate the risk of ransomware attacks. Those who experienced ransomware first-hand stated that their cyber (prevention) budgets grew by 5,3%, while backup (remediation) budgets grew by 5,4% globally. This welcome development shows that data protection is of concern to organisations and they are taking important measures to ensure its security should they face a cyberattack.

After all, it is not a question of ‘if’ or ‘when’ ransomware attacks will occur, but ‘how often’. The issue is now endemic, and businesses must do what they can to ‘inoculate’ themselves against it.

References:

1. Brandt K. CSIR: Cybercrime costs the economy an estimated R2.2bn per annum [Internet]. 2023 [cited 2023 May 23]. Available from: https://ewn.co.za/2023/04/05/csir-cybercrime-costs-the-economy-an-estimated-r2-2bn-per-annum

2. Ngila F. South Africa’s banking and insurance sectors are overwhelmed by cyber attacks [Internet]. Quartz. 2022 [cited 2023 May 23]. Available from: https://qz.com/south-africa-is-overwhelmed-by-hackers-1849510056

Share this article:

Further reading: