Modern attacks now deliberately attack backup data. Insights from nearly 3,000 organisations collated by Sophos found that 94% of those affected by ransomware said the attackers aimed for their backup. Resilience has now become less about the email security, firewalls and antivirus tools and more about how rapidly and effectively an organisation can recover.
And companies need to know how to recover. You need to ensure you always have recent, off-site and quickly restorable copies of critical systems and data, even when your primary environment has been hit by an attack or an outage. Rapid data restoration, agile data storage, cloud-based services with high durability, and integrated orchestration are key. As are backups, immutable storage, malware scanning and rigorous disaster recovery and business continuity plans.
Cloud backup has moved from being a secondary IT consideration to a core component of business continuity, compliance and cyber-resilience strategies. It has also become the last line of defence when preventative security measures fail. Even advanced prevention and detection will miss zero-day threats, insider threats and sophisticated ransomware-as-a-service campaigns, so recovery from trusted backups is the safety net that prevents permanent data loss or ruinous ransom payments.
And it isn’t just cybercrime that’s putting companies at risk. In reality, data can be lost through a number of everyday operational issues. Hardware failures, accidental file deletions, system errors, power disruptions and misconfigured systems are as much a common cause of data loss as security in companies of all sizes.
Recent industry research highlights how serious the consequences can be – Mastercard’s global survey found that one in four SMEs hit by an attack filed for bankruptcy or closed their business, and that 46% have been attacked over the past year. Trust and reputation are perhaps the hardest hit with 80% of companies saying that they had to spend a significant amount of time repairing the damage with their customers and partners.Â
For companies lacking a reliable backup infrastructure, these incidents can quickly escalate into prolonged downtime, which contributes to reputational and financial losses. Unfortunately, the growing sophistication of cyberattacks means that companies can’t ostracise their way through the year, sticking their proverbial head in the sand and hoping their company is too small, too niche or too far away to be attacked. Ransomware attacks are increasingly focused on the SME, making your operations perhaps the most vulnerable to attack.
You also don’t have to feel like preparing your business for an attack is an insurmountable task. Yes, it is a challenging environment and there is valid reason to be concerned, but investing in resilience doesn’t have to be complicated. A well-designed and executed recovery strategy can change the entire story if your company is successfully breached.
In a layered security strategy, preventative tools like email security, firewalls and endpoint protection form the first line of defence. Threat detection and response solutions add further visibility and monitoring capabilities. Backup, then, provides the final layer. If you experience an incident or a major system failure, secure backups ensure your systems can be restored quickly without paying ransom demands or suffering prolonged outages.
Which brings the conversation back to the fact that threat actors are increasingly focused on locating and encrypting the backup. To counter this threat, you can use immutable backup technologies which cannot be altered, deleted or overwritten once they’ve been created. This means that even if attackers gain access to your systems, they can’t tamper with the backup data. In a highly regulated sector, such as finance or healthcare, immutable backup is essential as it ensures you always have access to a clean and recoverable copy of your data.
Cloud and immutable backup overlap to create a really resilient disaster recovery strategy. Cloud is where the backups live, immutability is how they are protected from change. Storing copies of your data in a cloud platform ensures it is offsite, scalable and accessible over the network, and when combined with immutable storage, they provide you with off-site resilience and a clean recovery point if ransomware or an insider wipe everything else.
Cybersecurity has traditionally focused on keeping attackers out. And yes, this should still be a priority, but that is now balanced with backup solutions that ensure you’re always prepared in case things go wrong. Digital disruption is now almost inevitable, so the ability to recover quickly is becoming the defining characteristic of resilient organisations.
