Home Business framework Ransomware is a Business Resilience Issue, Not an IT Issue: Be Prepared to Reduce Risk and Recover Your Data

Ransomware is a Business Resilience Issue, Not an IT Issue: Be Prepared to Reduce Risk and Recover Your Data


/ PRESS RELEASE / This content is not written by Creamer Media, but is a press statement provided.

By Kate Mollett, Commvault Senior Regional Manager, South & East Africa at Commvault

Ransomware has grown exponentially over the past few years, and this trajectory is likely to continue. Data breaches and other security events pose significant risks to businesses because lost data not only represents a loss of business, but also compliance breaches, reputational damage and generally a heavy financial burden in terms of recovery. Although ransomware affects IT infrastructure, the impact of an attack goes far beyond that and extends to every corner of a business. Ransomware is therefore a business resiliency issue, not an IT issue, and organizations need to be data-ready in order to mitigate risk and recover effectively.

The true cost of ransomware

The ultimate goal of ransomware is to extort money, and this is done by exploiting vulnerabilities in business critical data, or data vital to operations, as well as sensitive data containing personally identifiable information (PII ). Once the malware gains access to data, it deletes, encrypts or corrupts it, rendering businesses inoperable until they can regain access to that data.

Cybercriminals will hold the data for ransom and promise to return it when the money is paid, but this is often not the case. Companies that pay the ransom are often unable to fully recover the data, leading to a host of other issues. In addition, the violation of compliance rules and the resulting damage to reputation cannot be repaired.

Internal and external threats

This threat to data is a substantial business risk, and while it is often an external threat, data can also be vulnerable internally. Whether insiders intentionally act with malicious intent or data is accidentally disclosed, exposed, or deleted, the outcome is the same. With ransomware, there is often a combination of these two threat vectors. The malware comes from outside, but it spreads inside the organization. The impact on the business can be massive and any data breach should be treated as a disaster, with an appropriate disaster recovery strategy and plan in place.

Mitigate risk

Dealing with the threat of ransomware, or the risk of any data loss event, requires a strategic approach that leverages data governance to align risk with the business value of data. It is essential to weigh the cost of data management against the impact on the business if something were to happen to this data, who will decide how this data should be treated. Critical and sensitive data have special requirements, and these should be part of a data governance strategy.

Understanding vulnerabilities and threats, developing policies and procedures to manage them, and educating the people around them are also essential steps. Having an incident response plan is essential, but more importantly, this plan must be evaluated before a problem occurs, to ensure that it is robust and handles scenarios effectively. Finally, all steps and decisions should be documented and auditable, so that in the event of a compliance breach, organizations can demonstrate that they have taken all necessary steps to protect their data.

Plan for the worst

With the accelerating volume of ransomware attacks and other cyber threats, it is prudent to plan for the worst-case scenario. Using a data management framework based on best practices and designing a data architecture around it can be invaluable. This includes immutable backups that cannot be infected with malware and can be used as restore points. Additionally, organizations need to know what critical or sensitive data they have, where they are, and why they are keeping it.

Permissions must also be handled to ensure that only the right people can modify or delete data, and data must be continuously monitored for anomalies so that threats can be detected more quickly before they cause too much damage. . The key is to have a plan, evaluate the plan, and then when something happens, go back to the plan to identify what went wrong and how it can be avoided in the future. Data loss events are a matter of when, not if, and organizations must be prepared for data to ensure it can recover effectively.