Secure backup strategies imperative for business continuity

Issue 6 2023 Infrastructure, Information Security

In the Middle East and Africa, only 14% of organisations experienced no ransomware attacks in 2022, according to the Veeam Data Protection Trends Report 2023. This is evidence that cybercrime is on the rise, and businesses need to adjust how they manage their data to fend off attackers, or risk irreparable damage, writes Lisa Strydom, Senior Manager Channel and Alliance for Africa at Veeam Software.


Lisa Strydom.

In South Africa, in particular, cybercrime threatens business continuity and costs the economy more than R2.2 billion annually1. Alarmingly, Interpol suggests that South Africa boasts the highest number of threats on the continent and, shockingly, third in the world2.

Cyberattacks have emerged as the top threat to businesses, forcing a re-evaluation of data security policies, with a particular emphasis on ensuring that data is properly backed up, so that organisations can dependably recover data after a crisis and eliminate the risk of data loss. Verifying backup data is essential to a successful recovery, owing to the yearly growth in ransomware attacks. Without secure, immutable and verifiable backups, organisations run the danger of data loss and increase their risk of having to pay a ransom.

This threat is further stressed in the Veeam Data Protection Trends Report 2023, where, in 2021, 76% of organisations were successfully attacked by ransomware at least once, and in 2022, this number leapt up to 85%.

To ensure that organisations do not become victims of attacks, terms such as ransomware preparedness and cyber resilience are often bandied about, but do we know what these mean?

While the two work hand-in-hand, there are distinct differences; with ransomware preparedness specifically referring to the measures organisations need to put into place to prevent a ransomware attack, while cyber resiliency refers to the measures an organisation takes to get up and running after being attacked.

In the industry, we talk about data being the new oil – a high-value commodity. It is a critical component of any organisation, and any loss or breach of it may result in irreparable damage, including loss of revenue, reputation damage, or regulatory and compliance negligence that could see the issuing of hefty fines.

The Veeam Ransomware Trends Report 2023 explored this topic further by surveying 1200 IT leaders who experienced ransomware attacks. While 80% of respondents acknowledged paying, one-fourth of them still could not recover their data even after paying the ransom. Only 59% of encrypted or destroyed data was recoverable after an attack, highlighting that some of the data is not readable, and as a result, organisations end up not being able to use the data again.

A secure, immutable backup is an organisation's best line of defence, and to bolster its data defence arsenal, implementing the 3-2-1-1-0 backup strategy should be considered. This means storing three copies of the data on two different media types. One copy should be stored offsite and one copy offline – air-gapped media or immutable storage within disks or clouds – to ensure survivability that the backup does not contain malware and cannot be tampered with by an attacker.

Lastly, with 56% of respondents to the Ransomware Report telling us that reinfection during data restoration happened to them, the zero relates to ensuring that the data has been verified as being able to be restored with zero errors. Staged restorations, to prevent re-infection during recovery are the secret to ensuring the recovery process does not re-introduce malware or corruption. Hybrid IT architectures for recovering to alternative platforms, like any other BC/DR strategy, also deliver additional redundancy and resilience.

Global organisations point out several challenges when it comes to adequately securing their data. This includes a lack of sufficient tools, resources and skills and believing that ransomware defences are costly.

While the cost of solutions from trustworthy data protection experts may seem high, keep in mind that paying a ransom could have catastrophic financial repercussions for the organisation, even if the attackers release the data once the ransom is paid. Additionally, there could be repercussions from the breach, such as violating compliance laws in relation to the GDPR or PoPIA. Many people would be hesitant to complete the transaction without a full warranty to ensure the vehicle runs smoothly and unhindered for years to come, and the same can be said for data protection. A ransomware warranty does not guarantee that it can solve every ransomware problem. However, it forms an important part of an operation’s ransomware recovery strategy.

At Veeam, we recently launched a Ransomware Recovery Warranty. In the event of a verified ransomware attack, and given that customers have followed the correct procedures, the company will cover the data recovery cost of up to US$5 million.

With 85% of organisations increasing their data protection budgets this year, some by as much as 6,5%, creating a secure backup strategy is a business imperative to mitigate the risk of ransomware attacks. Those who experienced ransomware first-hand stated that their cyber (prevention) budgets grew by 5,3%, while backup (remediation) budgets grew by 5,4% globally. This welcome development shows that data protection is of concern to organisations and they are taking important measures to ensure its security should they face a cyberattack.

After all, it is not a question of ‘if’ or ‘when’ ransomware attacks will occur, but ‘how often’. The issue is now endemic, and businesses must do what they can to ‘inoculate’ themselves against it.

References:

1. Brandt K. CSIR: Cybercrime costs the economy an estimated R2.2bn per annum [Internet]. 2023 [cited 2023 May 23]. Available from: https://ewn.co.za/2023/04/05/csir-cybercrime-costs-the-economy-an-estimated-r2-2bn-per-annum

2. Ngila F. South Africa’s banking and insurance sectors are overwhelmed by cyber attacks [Internet]. Quartz. 2022 [cited 2023 May 23]. Available from: https://qz.com/south-africa-is-overwhelmed-by-hackers-1849510056




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
The hidden cost of cheap networking gear
Duxbury Networking Infrastructure
When it comes to building a network, price is always a consideration, especially in the current economic climate, but there is a difference between smart spending and short-term savings with long-term losses.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
Fastest PCIe Gen 5.0 NVMe SSD
Products & Solutions Infrastructure
Sandisk has unveiled the WD_BLACK SN8100 NVMe SSD with PCIe Gen 5.0 technology, an internal SSD delivering speeds up to 14 900 MB/s and capacities up to 4 TB, with 8 TB solutions available soon.

Read more...
SA’s strained, loadshedding-prone grid faces cyberthreats
Power Management Information Security
South Africa’s energy sector, already battered by decades of underinvestment and loadshedding, faces another escalating crisis; a wave of cyberthreats that could turn disruptions into catastrophic failures. Attacks are already happening internationally.

Read more...
Unified storage solution
Products & Solutions Infrastructure
CASA Software has announced the local availability of Nexsan’s upgraded unified storage solution, Unity NV4000, which is ideal for mixed workloads, from virtualisation and video surveillance to secure backup and recovery.

Read more...
Almost 50% of companies choose to pay the ransom
News & Events Information Security
This year’s Sophos State of Ransomware 2025 report found that nearly 50% of companies paid the ransom to get their data back, the second-highest rate of ransom payment for ransom demands in six years.

Read more...
Suprema unveils BioStar Air
Suprema neaMetrics News & Events Access Control & Identity Management Infrastructure
Suprema launches BioStar Air, the first cloud-based access control platform designed to natively support biometric authentication and feature true zero-on-premise architecture. BioStar Air simplifies deployment and scales effortlessly to secure SMBs, multi-branch companies, and mixed-use buildings.

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
Advanced surveillance storage from ASBIS
Infrastructure Surveillance Products & Solutions
From a video storage solutions perspective, SkyHawk drives, designed for DVRs and NVRs, offer high capacity, optimised firmware, and a reliability workload rating of hundreds of terabytes per year.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.