Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
News, news analysis, and commentary on the latest trends in cybersecurity technology.
IT practitioners are developing ransomware response plans, but many of them are not confident in their data resiliency tools.
2 Min Read
Source: IDC/Druva
The good news: IT professionals recognize the important of data resiliency in ransomware defense. Less good: The recovery measures they are relying on may not be as effective as practitioners expect.
A recent IDC and Druva survey asked 505 respondents across 10 industries about their ransomware experiences and found that many organizations struggle to recover after an attack. In the survey, 85% of the respondents said their organizations had a ransomware recovery plan. The challenge seems to lie in effectively executing that plan.
"A majority of organizations suffered significant consequences from ransomware attacks including long recoveries and unrecoverable data despite paying a ransom," states the "You Think Ransomware Is Your Only Problem? Think Again" report.
Data resiliency is such an important element of cybersecurity that 96% of respondents considered it a top priority for their organizations, with a full 77% placing it in the top 3. What's striking about the survey results is that only 14% of respondents said they were "extremely confident" in their tools, even though 92% called their data resiliency tools "efficient" or "highly efficient."
"When data is spread across hybrid, cloud, and edge environments, data resiliency becomes much more complicated," said W. Curtis Preston, chief technology evangelist at Druva, in a blog post.
A plan might seem to cover everything, but then you realize that you lost your backup or can't find the latest restore point.
The ability to recover from an attack is vital, since the growth in ransomware makes it likely that your organization will get hit. This is why agencies like NIST recommend preparing for when an attacker pierces your defenses rather than trying to keep out every intruder. That mindset also shifts the priority to preparation and planning; you need to create a disasterrecovery plan that includes policy on restore points and recovery tools — and you need to practice implementing that plan before disaster strikes.
The report lists three key performance indicators that reveal the success of an organization's recovery from a cyberattack:
The ability to fully recover encrypted or deleted data without paying a ransom.
Zero data loss in the process of recovering the data.
Rapid recovery as defined by applicable service-level requirements.
"When a recovery fails to meet these criteria, then the organization may suffer financial loss, loss of reputation, permanently lost customers, and reduced employee productivity," the report warns.
About the Author(s)
You May Also Like
More Insights
Webinars
Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024