As businesses become increasingly data-driven, the importance of protecting data from loss, corruption, and theft becomes a C-level priority. Malware is a leading cause of data loss. Ransomware, which locks data with unbreakable encryption and renders it useless, is among the most common forms of malware.
Most ransomware attacks now involve the theft of personal or sensitive commercial data for the purpose of extortion. Incidents are, therefore increasing in cost and complexity, as well as bringing greater potential for reputational damage. In fact, the year 2023 was marked by a persistent escalation in cyber threats as ransomware payments surpassed the $1 billion mark, the highest number ever observed.
Additionally, new regulations are calling for greater operational resiliency and, therefore, faster recovery times in case of disasters, even ones such as ransomware attacks. World Backup Day, observed on 31st March, serves as a valuable reminder of the need for effective data backup, recovery strategies and protection protocols. Effective data backup solutions can help mitigate the risk of data loss and significantly speed up data recovery.
Downtime is the biggest nightmare for modern businesses
Downtime is the most costly aspect of a ransomware attack. Any outage can result in dire financial and reputational consequences. According to Statista, the average downtime a company experiences after a cyber attack is around 22 days, a truly concerning statistic. Furthermore, a recent ESG research report stated nine out of ten respondents reported that their organisation could not withstand more than an hour’s worth of lost data before experiencing significant business impact.
Given the enterprise-wide disruption that can occur in the wake of a ransomware attack, it’s vital that organisations put technology and processes in place to protect themselves. How can they do this?
Safeguard data to secure business
Backing up data remains critical for data protection, but it’s not enough. Implementing advanced data protection capabilities helps companies better plan for – and recover quickly from – ransomware and cyberattacks. This essentially requires a two-pronged approach:
- Take regular, “immutable copies” of data
- Have the necessary infrastructure to rapidly restore from backups at speed and scale.
In the event of a cyber attack or any other event that compromises data or disrupts operations, companies can recover critical data from their immutable copies so that they can restore operations quickly. Importantly, they can do so without having to succumb to the demands of cyber criminals.
Proper immutability means these copies cannot be encrypted or even deleted by attackers. Modifying them in any way or the frequency of which they are used is protected with multi-factor authentication. It is, therefore, safe from hackers. This makes them far more resilient and reliable in the event of a cyber attack.
Restoration of data is as important as backing it up
Next comes the ability to restore data as fast as possible. Reliable backups are limited in their effectiveness if operations cannot be restored quickly. Some of the most advanced flash-based storage solutions dramatically increase the speed of data restoration.
The leading solutions boast a recovery performance of up to many hundreds of TBs per hour at scale. They enable organisations to restore systems in hours—rather than weeks, so they can get up and running again with minimal impact.
The ability to swiftly restore critical services is quickly becoming mandatory in some regulated industries. For example, the EU DORA (Digital Operational Resilience Act) regulation is geared to require that critical banking systems be recovered in less than 2 hours in case of disaster. It is very difficult to achieve with legacy data protection solutions, which were never designed with fast recovery in mind. We will likely see more countries and industries mandating quick recovery of critical services.
Ransomware recovery SLAs are now part of the solution
Protecting your data should be a major concern. However, be careful not to overlook other critical factors in the aftermath of a ransomware attack. For example, affected arrays could become off-limits and unusable. Following an attack, storage arrays are often locked down for forensic investigation by cyber insurance or law enforcement agencies. It can leave organisations unable to recover data pertaining to infected arrays. Without a data storage infrastructure to get systems back up and running, organisations are stuck.
Thankfully, there are now solutions on the market that can mitigate this risk. Some vendors can offer ransomware recovery SLAs, on top of an existing Storage as a Service (StaaS) subscription. These guarantee a clean storage environment with bundled technical and professional services in the wake of an attack.
In practice, this means being able to deliver a completely new storage environment in a matter of hours to recover from, should the original one be unavailable for any reason. This kind of guarantee can give businesses the peace of mind that they can recover safely and faster, even if arrays are locked down following an attack.
The key to organisational success is resilience and agility
Modern data threats require modern data protection solutions. This World Backup Day casts a timely reminder for organisations to re-evaluate their approach to data security. It’s critical that organisations double down on building resilience and agility across their organisation.
By future-proofing critical IT infrastructure and implementing a modern data protection strategy with effective processes to safeguard and restore data, organizations can avoid cybersecurity and downtime nightmares.
Pure Storage delivers the industry’s best platform to store, manage, and protect the world’s data. With a cloud experience across a unified storage operating environment, Pure Storage empowers every organisation with the agility to meet evolving data requirements at speed and scale, while reducing total cost of ownership. Pure believes it can make a meaningful impact in reducing data centre emissions worldwide by providing a storage platform that enables customers to significantly reduce their carbon and energy footprint.