Three insights you might have missed from the "Why Ransomware Isn't Your Only Problem" event

Cyber resilience has risen in importance as a competitive differentiator for enterprises. With ransomware strikes on the rapid rise, organizations caught unaware stand to lose in multiple ways: from the financial to the reputational.

So, how prepared are businesses to face this threat? And does the enterprise’s confidence match the realities that are present at the moment? These questions, and many more, formed the central theme of the recent “Why Ransomware Isn’t Your Only Problem” event.

Industry analysts Dave Vellante, Lisa Martin and John Furrier, co-hosts of theCUBE, SilicionANGLE Media’s livestreaming studio, hosted the event. They spoke with Druva Inc. executives, as well as an IDC research professional, about enterprise cyber resilience, what the data is showing, and how enterprises can better equip themselves to face the intensifying ransomware battle. (* Disclosure below.)

Here are three insights you might have missed during the event:

1.) Digging into the cyber resiliency stats

The event’s segments highlighted major endpoint statistics from a recent IDC survey that paint a succinct picture of where the enterprise stands on cyber resiliency today. One stat of note is that despite 83% of organizations stating they have a playbook in place to counter ransomware, 46% have successfully been attacked in the past three years alone.

There are other noteworthy stats that flesh out the survey’s conclusion, including:

• 50% of organizations believe cloud will play a major role in data-resilience strategies, in areas such as backup and recovery and data archiving.
• Of the organizations affected by the aforementioned attacks, 50% lost data.
• The #1 reason identified for enterprise data loss is the inability to find correct recovery points, despite 93% claiming they use automated tools for that.
• Only 14% of the organizations were “extremely confident” in their data resiliency tools.

“The research that we found is about 46% of organizations have been hit within the last three years. It’s kind of interesting how it’s changed over the years,” said Phil Goodwin,  research vice president at International Data Corp.

The bottom line: A disproportionate share of companies (67%) of those hit with ransomware attacks had to pay up. This number should be much lower if the right set of cyber-resiliency tooling and practices are in place. And the “go it alone” approach is likely to be insufficient as malicious actors sharpen their craft with more intricate techniques, the survey pointed out.

“The fact is ransomware is so profitable, the bad guys aren’t going to just fade into the night without giving it a lot of fight,” Goodwin stated. “So, I really think that ransomware is one of those things that are here for the long term and something that we have to address and have to get proactive about.”

Here’s theCUBE’s complete video interview with Phil Goodwin:

2.) Understanding the data resilience problem

The research didn’t just cite numbers about the current state of enterprise cyber resilience. It sought to break down why organizations are finding it difficult to build out resilient data operations.

In an illustration from the analyst brief, we see that data resilience is a constituent part of digital resilience. Below it resides the tandem of disaster recovery and cyber-recovery. And at the bottom layer is data security. Logically, data protection and recovery are then foundational to data resilience.

Key to cyber and disaster recovery is the backup infrastructure, which organizations often approach half-heartedly, according to W. Curtis Preston, chief technical evangelist at Druva Inc.

“I think that this long-running problem that’s existed as long as I’ve been associated with backups is that problem of nobody wants to be the backup person,” he said. “And people often don’t want to have anything to do with the backup system, and so it sort of exists in this vacuum.”

Another major challenge to solving the data-resilience problem for enterprises is data siloing, according to the survey. Most workplaces run multiple siloed iterations of data simultaneously, and this presents increased intrusion opportunities for malicious actors. Add to that the inconsistent or asynchronous data protection policies between those silos, and it’s a recipe for disaster.

Organizations that achieve cyber resilience do so with infallible backup and recovery systems that account for multiple disruption scenarios. Solutions allowing for data survival, integrity and recovery with minimal loss must be treated as a priority.

“No one’s looking at the fact that backups are the attack vector. They become the attack vector,” Preston stated. “And so because they’re the attack vector, they have to be protected as much, if not more, than the rest of the environment.”

Here’s theCUBE’s complete video interview with W. Curtis Preston:

3.) Remaining a step ahead

One advantage malicious actors have is the ability to quickly evolve their methods, often leaving victims blindsided. The enterprise must now account for all kinds of threats — known or unknown.

Staying one step ahead of attacks would imply leaving a few old methods behind, according to Stephen Manley (pictured, left), chief technology officer of Druva.

“The disk-based architecture’s been around for almost two decades now in terms of disk-based backup,” he explained. “You can have that tuned to the hilt and running as efficiently as you want it, but it was built before the ransomware attacks before all these cyber issues really start hitting companies. So you have this really well-run traditional backup environment that is not at all built for these modern threat vectors.”

Cloud also enables considerable advantages in data protection and resiliency, Manley added. Its security, scalability and adaptability benefits have been critical to companies keeping up with their bloating data, Manley added.

“The first one is security and ransomware,” he said. “We can go deeper, but the most obvious one is air gap, offsite, managed under a separate administrative domain so that you’re not retrofitting any air gap network and buying another appliance or setting up your own cloud environment to manage this. Every backup is ransomware protected and guaranteed. I think the second advantage is the scalability.”

Here’s theCUBE’s complete video interview with Stephen Manley and Anjan Srinivas (pictured, right), vice president and general manager of product management at Druva:

And here’s the complete “Why Ransomware Isn’t Your Only Problem” event video:

(* Disclosure: TheCUBE is a paid media partner for the “Why Ransomware Isn’t Your Only Problem” event. Neither Druva Inc., the sponsor for theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Image: SiliconANGLE