Cyberattacks, such as ransomware and malware, continue to wreak havoc on enterprises. According to The Veeam Ransomware Trends Report 2024, based on a survey of 1,200 CISO, security professionals and backup administrators who experienced a ransomware attack in 2023, 43% of data remained unrecoverable after ransomware attacks. In this ransomware-centric report also noted that “many organizations are unprepared to recover from an attack despite the vast majority having incident response plans and policies in place.”
This huge gap exposes a strong need for enterprises to institute a cyber-focused, recovery-first strategy in order to secure their enterprise data storage infrastructure.
Primary Target
An enterprise’s storage infrastructure is the prime target of cyber criminals. They disable the backup systems and, then, hit hard the primary storage systems, where productive-level data resides. They take the data hostage and then demand a ransom.
The “more than 76 security solutions” didn’t stop them. The reason for this weak point is that it requires a different way of thinking about protecting the data infrastructure. What is needed is cyber storage resilience to be built into it. An IT professional, such as a CIO or CISO, may insist, “We already have cyber resilience in our IT infrastructure. Of course, we do. We use immutable snapshots.” End of story! They think they are all set.
However, immutable snapshots are only the beginning of ensuring that an enterprise IT infrastructure has the proper level of cyber storage resilience integrated into it. There exists a cyber resilience stack and next-generation data protection that signifies this new thinking about safeguarding the storage infrastructure.
The best starting point is to implement a cyber-focused, recovery-first strategy.
Given legacy and conventional cybersecurity approaches, with 43% of data unrecoverable after a ransomware attack, a recovery-first strategy turns the static data storage infrastructure, whether on-premises or hybrid multi-cloud, into a dynamic last line of defense to minimize the impact of a ransomware or malware attack.
With a recovery-first strategy that utilizes automated cyber protection and cyber detection capabilities that are found on primary storage systems such as the InfiniBox family, enterprises can have immutable snapshots taken just before a cyberattack corrupts the data and be able to recover all of the data – a known clean copy of data that is free of corruption – within minutes.
Cyber Storage Resilience Stack
The proof of ultra-fast cyber recovery is available in recorded webinars on Infinidat’s website. In September 2024, Infinidat did a live demo of recovering >2petabytes (PB) of data on an InfiniBox in four seconds. Additionally, Infinidat recovered a 24.5PB Veeam backup repository in only 13 minutes and 30 seconds.
The capabilities that enable this rapid recovery of valuable data include:
- Immutable snapshots: Whether automated, scheduled or manually created, InfiniSafe’s immutable snapshots are secure and unchangeable, point-in-time copies.
- Logical remote air-gapping: InfiniSafe provides a simple way to logically separate immutable data copies from network access, either locally, remotely, or both.
- Fenced forensic environment: InfiniSafe enables you to create a completely private network that is isolated for data validation, testing, and recovery.
- Cyber detection: InfiniSafe Cyber Detection validates the integrity of your immutable snapshots using powerful, AI-based scanning engine with 99.99% accuracy.
- Automated cyber protection: InfiniSafe Automated Cyber Protection reduces the threat window for cyberattacks through seamless integration into your Security Operations Center (SOC) or with your SIEM or SOAR data center-wide cyber security applications.
- Guaranteed near-instantaneous cyber recovery: Get all of your known good and validated data back and available for restore in minutes, regardless of the data set size, with Infinidat’s guaranteed cyber recovery SLAs.
This cyber recovery-first approach ensures that the right capabilities are in place, integrated together and operating at optimal levels to pushback against ransomware attacks. When an enterprise can get all their data back after such an attack, the organization gains leverage over the cyber criminals and negates the effects of the attack. In other words, you can ignore the cyber criminals’ ransom demand to pay them to return your data. You got it back yourself.
Cyber storage resilience ensures business continuity, which is, according to the World Economic Forum, one of the biggest concerns that organizational leaders have (67%) – more than any other cyber risk. Business continuity is “the biggest risk of a cyberattack,” says Pentera. As a result of these harmful attacks against IT infrastructure, 43% of CISOs who reported a breach reported unplanned downtime.
If enterprises don’t move forward with new thinking and a new cyber-focused, recovery-first strategy, they will be left to face hard questions about why current cyber security measures are not enough to mitigate ransomware and malware attacks.
Embracing cyber storage resilience as part of a broader cybersecurity strategy has emerged an important part of preparedness for the cyberattack that happens tomorrow or next week or next year.
As reported by the World Economic Forum, 91% of business leaders and cyber leaders say that they believe a far-reaching and catastrophic cyber event is “at least somewhat likely in the next two years.”
It’s better to be ready with cyber resilience on primary storage and secondary storage. Then you can tell the cyber criminals, “Take a hike ─ cyber style.”