Ransomware exploits inter-departmental gaps to bring business down
The growing wave of ransomware is successfully skirting organisational defences because departments tasked with security, backup and recovery, data management, and risk and compliance do not have coordinated and integrated approaches to protecting the most critical data in the organisation.
This is according to Mike Styer, country manager at GlassHouse South Africa, speaking ahead of a GlassHouse webinar on cyber recovery to be hosted in partnership with ITWeb and Dell this month.
Styer notes that ransomware is shutting down organisations and causing billions in damages, despite increased investment in a range of IT security, data management, backup and disaster recovery solutions.
“The IT security teams traditionally look outward to protect the ‘castle walls’ of the organisation. At the same time, you have teams backing up the data regularly, and other teams managing risk and compliance. Each department has invested in traditional best practice, but each operates in a silo. Data protection is everyone’s problem. What happens when the risk is brought into the organisation by an insider, embedded in the data and left there undiscovered and backed up repeatedly for months? When the malware launches, it becomes very difficult to recover to a point before the malware was embedded. And if that was six to eight months ago, you could have lost a lot of business and operational data.”
Styer says organisations are finding themselves particularly at risk due to the move to remote work in the past year.
“It’s become a massive problem. Where organisations used to have only one or two ports connecting them to the outside world, now they have ports and people spread everywhere. These leaks are too big to plug.”
With a cyber attack now taking place every 39 seconds, the growing wave of cyber crime is costing organisations $13 million on average per attack, and Accenture predicts $5.2 Trillion in global risk over the next five years.
To address these growing risks, organisations have to look inward, identifying the data most critical to their business, and keeping an immutable ‘golden copy’ of data in an air gapped vault. GlassHouse says it offers the only solution which has integrated data protection appliances, data protection and backup software, machine learning and artificial intelligence to detect known and unknown risks, combined with deduplication and compression technologies to allow organisations to secure unchangeable copies of their most valuable data.
“By creating an air gap between the ‘crown jewels’ of data and your normal systems, you have an immutable copy that adheres to all requirements. You always have the original copy of data, written in unchangeable format, and even if malware is embedded in it, it can be identified and prevented from launching. The ‘secret sauce’ in the GlassHouse and Dell offering is its advanced analytics and the unique vault; plus its capability to deduplicate and compress the data upfront; requiring only around 1TB to store up to 50TB of data, in many customer environments” says Styer.
The GlassHouse Cyber Recovery webinar on bridging the data-security gap for advanced cyber resilience will be held on 21 April, and is free to attend for professionals tasked with security, risk, compliance and data management. To register for this event, click here.