Secure backup strategies imperative for business continuity

Issue 6 2023 Infrastructure, Information Security

In the Middle East and Africa, only 14% of organisations experienced no ransomware attacks in 2022, according to the Veeam Data Protection Trends Report 2023. This is evidence that cybercrime is on the rise, and businesses need to adjust how they manage their data to fend off attackers, or risk irreparable damage, writes Lisa Strydom, Senior Manager Channel and Alliance for Africa at Veeam Software.


Lisa Strydom.

In South Africa, in particular, cybercrime threatens business continuity and costs the economy more than R2.2 billion annually1. Alarmingly, Interpol suggests that South Africa boasts the highest number of threats on the continent and, shockingly, third in the world2.

Cyberattacks have emerged as the top threat to businesses, forcing a re-evaluation of data security policies, with a particular emphasis on ensuring that data is properly backed up, so that organisations can dependably recover data after a crisis and eliminate the risk of data loss. Verifying backup data is essential to a successful recovery, owing to the yearly growth in ransomware attacks. Without secure, immutable and verifiable backups, organisations run the danger of data loss and increase their risk of having to pay a ransom.

This threat is further stressed in the Veeam Data Protection Trends Report 2023, where, in 2021, 76% of organisations were successfully attacked by ransomware at least once, and in 2022, this number leapt up to 85%.

To ensure that organisations do not become victims of attacks, terms such as ransomware preparedness and cyber resilience are often bandied about, but do we know what these mean?

While the two work hand-in-hand, there are distinct differences; with ransomware preparedness specifically referring to the measures organisations need to put into place to prevent a ransomware attack, while cyber resiliency refers to the measures an organisation takes to get up and running after being attacked.

In the industry, we talk about data being the new oil – a high-value commodity. It is a critical component of any organisation, and any loss or breach of it may result in irreparable damage, including loss of revenue, reputation damage, or regulatory and compliance negligence that could see the issuing of hefty fines.

The Veeam Ransomware Trends Report 2023 explored this topic further by surveying 1200 IT leaders who experienced ransomware attacks. While 80% of respondents acknowledged paying, one-fourth of them still could not recover their data even after paying the ransom. Only 59% of encrypted or destroyed data was recoverable after an attack, highlighting that some of the data is not readable, and as a result, organisations end up not being able to use the data again.

A secure, immutable backup is an organisation's best line of defence, and to bolster its data defence arsenal, implementing the 3-2-1-1-0 backup strategy should be considered. This means storing three copies of the data on two different media types. One copy should be stored offsite and one copy offline – air-gapped media or immutable storage within disks or clouds – to ensure survivability that the backup does not contain malware and cannot be tampered with by an attacker.

Lastly, with 56% of respondents to the Ransomware Report telling us that reinfection during data restoration happened to them, the zero relates to ensuring that the data has been verified as being able to be restored with zero errors. Staged restorations, to prevent re-infection during recovery are the secret to ensuring the recovery process does not re-introduce malware or corruption. Hybrid IT architectures for recovering to alternative platforms, like any other BC/DR strategy, also deliver additional redundancy and resilience.

Global organisations point out several challenges when it comes to adequately securing their data. This includes a lack of sufficient tools, resources and skills and believing that ransomware defences are costly.

While the cost of solutions from trustworthy data protection experts may seem high, keep in mind that paying a ransom could have catastrophic financial repercussions for the organisation, even if the attackers release the data once the ransom is paid. Additionally, there could be repercussions from the breach, such as violating compliance laws in relation to the GDPR or PoPIA. Many people would be hesitant to complete the transaction without a full warranty to ensure the vehicle runs smoothly and unhindered for years to come, and the same can be said for data protection. A ransomware warranty does not guarantee that it can solve every ransomware problem. However, it forms an important part of an operation’s ransomware recovery strategy.

At Veeam, we recently launched a Ransomware Recovery Warranty. In the event of a verified ransomware attack, and given that customers have followed the correct procedures, the company will cover the data recovery cost of up to US$5 million.

With 85% of organisations increasing their data protection budgets this year, some by as much as 6,5%, creating a secure backup strategy is a business imperative to mitigate the risk of ransomware attacks. Those who experienced ransomware first-hand stated that their cyber (prevention) budgets grew by 5,3%, while backup (remediation) budgets grew by 5,4% globally. This welcome development shows that data protection is of concern to organisations and they are taking important measures to ensure its security should they face a cyberattack.

After all, it is not a question of ‘if’ or ‘when’ ransomware attacks will occur, but ‘how often’. The issue is now endemic, and businesses must do what they can to ‘inoculate’ themselves against it.

References:

1. Brandt K. CSIR: Cybercrime costs the economy an estimated R2.2bn per annum [Internet]. 2023 [cited 2023 May 23]. Available from: https://ewn.co.za/2023/04/05/csir-cybercrime-costs-the-economy-an-estimated-r2-2bn-per-annum

2. Ngila F. South Africa’s banking and insurance sectors are overwhelmed by cyber attacks [Internet]. Quartz. 2022 [cited 2023 May 23]. Available from: https://qz.com/south-africa-is-overwhelmed-by-hackers-1849510056




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

AI and ransomware: cutting through the hype
AI & Data Analytics Information Security
It might be the great paradox of 2024: artificial intelligence (AI). Everyone is bored of hearing it, but we cannot stop talking about it. It is not going away, so we had better get used to it.

Read more...
NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

Read more...
iOCO collaboration protection secures Office 365
Information Security Infrastructure
The cloud, in general, and Office 365, in particular, have played a significant role in enabling collaboration, but it has also created a security headache as organisations store valuable information on the platform.

Read more...
Smart mining operations management
Mining (Industry) Infrastructure IoT & Automation
In his presentation at the recent MESA Africa conference, Neels van der Walt, Business Development Manager at Iritron, revealed the all-encompassing concept of SMOM (Smart Mining Operations Management) and why it is inextricably linked to the future of worldwide mining operations.

Read more...
Do you need a virtual CIO?
Editor's Choice News & Events Infrastructure
If you have a CIO, rest assured that your competitors have noticed and will come knocking on their door sooner or later. A Virtual CIO service is a compelling solution for businesses navigating tough economic conditions.

Read more...
The TCO of cloud surveillance
DeepAlert Verifier Technews Publishing Surveillance Infrastructure
SMART Security Solutions asked two successful, home-grown cloud surveillance operators for their take on the benefits of cloud surveillance to the local market. Does cloud do everything, or are there areas where onsite solutions are preferable?

Read more...
Cybersecurity and AI
AI & Data Analytics Information Security
Cybersecurity is one of the primary reasons that detecting the commonalities and threats of what is otherwise completely unknown is possible with tools such as SIEM and endpoint protection platforms.

Read more...
Cyber resilience – protect, defend, recover
Infrastructure
The challenge with AI is that threats are getting harder to detect. As a result, plans in 2024 are not just about detection and prevention, but about recovery.

Read more...
Powering business resilience and field operations
Infrastructure Products & Solutions
[Sponsored] The Anker 757 Portable Power Station emerges as a strategic asset for businesses looking to overcome power instability and the demand for operational efficiency in remote and field-based environments.

Read more...
Top bets for backup and business continuity
Infrastructure
Become your organisation’s data pioneer and spearhead data governance and protection of critical data. Challenge why best practices are not adopted or in place, while highlighting the inherent risks this poses.

Read more...