The Evolution of Ransomware Requires a Modern Approach to Data Management and Protection
Companies across Asia-Pacific continue to focus on gaining competitive advantage by transforming their digital business models, accelerating their digital transformation and innovation, increasingly adopting cloud applications, and strengthening their digital ecosystems.
However, all of these digital and transformative efforts result in a constant proliferation of data, which not only requires a broader and modern approach to management, but expands the attack surfaces of enterprises as malicious actors seek to attack this most valuable business asset.
This data management and protection challenge becomes even more complex as enterprises extend their cloud environments to multi-cloud environments and adopt or double down on a hybrid model of storing their data.
According to Deloitte, demand for public cloud services in Asia Pacific is expected to continue to grow and exceed $116 billion by 2024. IDC predicts that over the next two years, “as a service” solutions will take supported cloud needs for nearly 60% of businesses in the region.
As a result, the data management and protection challenge facing businesses will only intensify. Next-generation data management approaches and platforms enable organizations to keep pace with their digital transformation and resulting data generation, while strengthening their security postures.
Unburden businesses by moving away from legacy solutions
Digital businesses need a level of agility, flexibility, and scalability that traditional or legacy data management technology cannot provide.
Legacy solutions were not designed to fit into today’s modern computing environment, withstand today’s sophisticated cyber threats, or securely mine data for valuable, actionable insights.
Legacy data management solutions also add complexity in a multi-cloud or hybrid cloud environment, as they require organizations to manage a myriad of products from different vendors, resulting in “do-it-yourself” IT processes and policies. -even”, and even tailor-made techniques. solutions to be developed so that they remain functional, which entails higher costs and delays.
These limitations of legacy technology that compound the challenge organizations face in managing their growing proliferation of data will only get worse as new applications and technologies are adopted.
However, the most alarming challenge is protecting corporate data from the rapid growth and evolution of ransomware that seeks to disrupt and destroy business continuity by attacking data. Separately, EY’s 2021 Global Information Security Survey (GISS) found that defenses to mitigate ransomware were a sticking point for more than half of businesses in Asia-Pacific. .
Ransomware Evolution Requires Better Data Management and Protection
While organizations in Asia-Pacific may be able to defend against the relative lack of sophistication that is typical of first-tier or evolutionary ransomware attacks (Ransomware 1.0), which can be mitigated with traditional backup solutions and recovery, the second and third evolutions of ransomware – commonly seen today – require capabilities beyond those provided by legacy data management technology to mitigate their devastating effects and maintain cyber resilience.
The second evolution of ransomware attacks (Ransomware 2.0) focuses first on destroying backups and then on encrypting production data. This type of attack is designed to reduce the target’s ability to recover operations from backups, which limits the attacker’s ability to demand a ransom. More recently, in the third evolution of Ransomware (Ransomware 3.0), ransomware attacks focus on data encryption, exfiltration or theft to expose data for illegal sale in double extortion schemes.
Stopping attackers using sophisticated tactics and scalable ransomware approaches requires next-generation data management capabilities, including alignment with zero-trust security principles, leveraging AI-powered insights, and anomaly detection, and integration with third-party security solutions.
The inability to manage data – which shrinks a company’s attack surface – and deploy solutions that protect data in today’s growing cyber threat landscape will continue to force a significant number of companies to the region to make payments to recover the affected data. Unfortunately, this is becoming a real possibility for companies, with IDC finding that nearly half of companies in the region are willing to make payouts to attackers. Our recent survey – conducted by Censuswide – of over 2,000 IT and SecOps professionals in the UK, US and Australia found that 74% believe the threat of ransomware to their industry has increased over the past year and nearly one in two (47%) said their organization had been the victim of a ransomware attack in the past six months, demonstrating the very real threat ransomware poses.
Strengthen security postures with next-gen capabilities
By dramatically raising the stakes of cybersecurity, malicious actors and ransomware attacks have shifted the focus far beyond the established notions of perimeter, network and application, and security controls. As the threat landscape continues to challenge organizations’ cyber resilience, ensuring data security and trust at scale requires modern solutions designed to stay one step ahead.
At the enterprise and IT operations level, next-generation data management capabilities enable businesses to scale while effectively managing and protecting their data. In addition to enabling unparalleled flexibility and increasing operational efficiency, which lowers ownership costs, next-generation data management platforms help mitigate data sprawl by providing data visibility into hybrid and multicloud environments.
Not only is this a crucial capability that organizations need to effectively manage and protect their data, as it is a common contributor to data privacy and breaches, but it also helps them to Comply with data privacy laws and regulations.
Amid this threat-laden cyber landscape, including a third evolution of ransomware, delaying the modernization of security and data management will come at the peril of businesses. It is now imperative that enterprises augment their security strategy to incorporate a next-generation data management approach and, if necessary, technology that integrates and improves both their protection, detection and response against ransomware.
Next-generation data management platforms enable organizations to increase their cyber resilience and mitigate the impact of cyberattacks by enabling them to both protect and defend their business processes and data from being taken hostage, with measures such as immutable backup snapshots and WORM (write once, read many). WORM is a data storage technology mechanism that stores non-erasable and/or non-modifiable information after it has been written to a disc.
Cohesity’s DataLock (WORM) capability provides AI-based detection and analysis to identify anomalies and indicators of malicious data exfiltration in near real-time, and better respond to a successful attack with rapid recovery automation that delivers the speed, scale, and reliability that organizations need as the backbone of their security posture and cyber resilience.
Now more than ever, businesses need to increase their cyber resilience to reduce disruptions and downtime in the event of attacks, as it is a competitive advantage in a digital world where business is not s never stop.
However, a solid state of cyber-resilience can only be ensured through modern data management approaches and platforms that leverage state-of-the-art technology to integrate and protect hybrid or multi-cloud environments, provide data visibility end-to-end and have the necessary data. protection and recovery features to respond to cyberattacks, especially ransomware.
Sheena Chin is Head of Asean at Cohesity, a security-focused data management company.