Image credit: SC Media
Data has become the lifeblood of modern businesses, driving operations and decision-making. With ransomware threats on the rise, however, organisations cannot afford to be complacent about their cybersecurity measures.
Lim Hsin Yin, vice-president of sales for Cohesity Asean, says while ransomware is a threat that can affect anyone, an often overlooked aspect of data protection goes beyond merely preventing ransomware. It also includes having the right architecture to manage the aftermath.
“There are many companies, including large corporations in the US, Japan and Asean, affected by ransomware. Despite having tools, people still fall prey to ransomware. You can protect [data only] so much, assuming it is only a matter of time before things happen. But what about your data recovery?” Lim says.
Only 1% of Malaysian companies said they could recover business data within 24 hours, with the rest taking days and some even up to three weeks, according to a report by Cohesity, a data security and data management firm.
In addition, more than three out of four companies have admitted to being victims of ransomware attacks, and 85% of companies have expressed willingness to submit to ransomware and pay to recover data and restore business processes.
The trend has only accelerated with the evolution of ransomware, from the encryption of targeted data to destroying backups and, now, the advancement of technology has allowed for these threats to exfiltrate data.
To counter these threats, Lim says, companies should use the 321 approach, where they keep three copies of data on two storage media and one off-site storage.
She stresses the importance of having off-site storage and says this is where air gaps come into play to secure data. An air gap is a tertiary site that hosts a temporary network, replicates the data of an organisation at specific times and will break off the connection once the data is backed up.
Air gaps are usually isolated in a separate area for the sake of hiding its very existence from threat actors.
“Make sure you have one off-site copy on the cloud or on the tertiary site, where the network can be cut when needed. Having this as a service helps prevent disasters and recover your data by having it protected with data logs and immutability on a faraway location,” Lim says.
She also recommends having data lock technologies when implementing air gaps. Data lock technologies can prevent deletion of modified data for a set time period, depending on what the organisation needs.
Ultimately, constant awareness and vigilance will still be needed to prevent the root of ransomware attacks. This can be cultivated in the form of employee training to maintain caution when dealing with foreign networks.
“You need network security, physical security, application security and data security from the protocol side. All of these are important, but one of the most important things is to make sure that every company goes through a security assessment,” Lim says.
Even staff in Cohesity are subject to periodic cybersecurity tests, where emails with seemingly regular handles are sent to employees to keep them on their toes and wary of possible threats.
“When you get attractive emails, just double check before you double click. Make sure that you don’t fall into different kinds of phishing mechanisms. Don’t allow any bugs to come into your laptop,” she says.
Source: https://theedgemalaysia.com/node/747188