Organisations falling prey to cyber-attacks due to lack of data resiliency
Data resiliency is the best way to protect businesses from cybersecurity risks. Cyber-attacks are increasingly growing, and data resiliency is the way to go as technology evolves
Neil Banerjee December 1, 2022
MORE IN Interviews
Data resiliency is the need of the hour and companies have now started to acknowledge this. With the marked increase in cyberattacks and ransomware cases, organisations are taking steps to strengthen their data infrastructure and secure their assets. SME Futures spoke to Bakshish Dutta, Country Manager, India & SAARC, Druva on the importance of data resiliency for organisations and why SMEs should put more focus on it.
What is data resiliency? Why should focusing on it be one of the top priorities for organisations?
Data resiliency primarily moves data protection from a passive to an active discussion. Data resiliency proactively detects, alerts, and responds to problems and helps in protecting against new threats (ransomware, supply chain attacks, insider threats). Data resiliency is one of the key pillars for business success since data can be the most valuable asset for any organisation. Hence, it must be one of the top priorities for organisations as well.
Data resiliency helps in accelerated recoveries, which empowers organisations to say “no” to anyone demanding a ransom in case of data theft or loss. It has the power to deliver intelligent approvals and insights that can drive business continuity and growth.
Why are security mechanisms essential? How can SMEs safeguard their data?
Today, security threats are increasing rapidly as criminals target the software supply chain. Cybercriminals directly enter a software supplier’s environment and compromise their modules with malware, thereby exposing every company that leverages the software to similar vulnerabilities.
The only solution to combat these growing threats is to constantly scan for such risks in a dynamic micro services environment. Evolving organisations should select proven cloud providers to manage and protect their data across common services, rather than combating that challenge for all their applications. IT teams should focus on their equipment and their resources to support company growth and for delivering unique customer value. Data resiliency is the need of the hour to help save important data from the rampant security threats that might beset any SME or organisation.
What are the evolving threats to cybersecurity? How can companies protect their businesses from cybersecurity risks?
All organisations are at risk from the evolving threats to cybersecurity such as ransomware, phishing, data leakage, hacking, and insider threats. Cybercriminals and insider threats are escalating. Meanwhile, in the wake of these significant challenges, organisations are expecting their IT teams to do much more with the minimum resources that they have.
Hence, to deal with this growing concern, focusing on data resiliency by protecting organisations’ data, applications, and businesses is crucial. Ransomware-as-a-service offerings enable anyone to attack at any given point in time, enabling them to penetrate through any system. Once they are inside the environment, the attackers spread rapidly through the insecure legacy data infrastructure.
Today, businesses are increasingly adopting software-as-a-service (SaaS). The shortage of processors, SSDs, and memory means that many companies will not be able to acquire servers and storage.
Cloud providers have the purchasing power to expand the on-demand capacity and instant scalability that businesses need. For those companies which are new to the cloud and are purchasing infrastructure-as-a-service, management can be complex and ultimately the organisation becomes responsible for securing its own data.
There are five pillars which drive the data resiliency cloud which include: Cloud Data Operations, the Multi-Cloud Control Pane, the Multi-Layer Cyber Defence, the Autonomous Operation, and the True Cloud Experience. Data resiliency is a key solution to protect businesses from cybersecurity risks.
What are the vulnerabilities that cybercriminals target? Has the usage of the Internet of Things (IoT) increased the chances of cybercrimes?
Cybercriminals seek to exploit human or security vulnerabilities in order to steal passwords, data, or money directly. The most common cyberthreats include the hacking of email passwords and social media accounts and phishing, which are bogus emails asking for security information and personal details. Cyber warfare represents a significant threat as geopolitical concerns have come to the forefront this year.
Companies as well as the government need to remain aware of their virtual vulnerabilities, regardless of their distance from the physical battlefield. During hostilities, malware attacks spill over from the targeted systems and the affected servers. As international sanctions impact economies, threat actors can repurpose malware generated for nation-state attacks to carry out more traditional financially motivated ransomware attacks.
The expansion of the Internet of Things is also creating more opportunities for cybercrime. Today, the Internet of Things (IoT) is the fastest-growing technology, and it is having a tremendous impact on our social lives as well as on our corporate environments due to its quick evolution and its capability to extend numerous services. IoT has evolved as a top asset for businesses and this trend will continue. Cyberattacks have become a part of IoT, leaving user data and digital societies endangered.
What risk does ransomware pose? What steps should a business take after it has been hit by a cyberattack?
Ransomware is malware that prevents users from accessing their personal, work, or system files in order to demand a ransom payment. Ransomware attacks are becoming more sophisticated and are taking place more often than they did earlier. Ransom demands are increasing as threat actors carry out attacks that often delete or encrypt backup data. Recovery times are also increasing as data systems are becoming more complex, encompassing both the endpoints as well as the data centres.
Post cyberattacks, organisations need to protect their backup data from encryption and deletion, accelerate their ransomware recovery and bridge the gap between their backup and security systems.
Cyber extortionists, often referred to as ransomware gangs, are now providing ransom-as-a-service as well. How are these groups able to operate despite strict regulations and guidelines?
According to cybersecurity researchers at Digital Shadows, LockBit 2.0 and Conti were the two most active ransomware gangs earlier this year. These ransomware gangs have many different departments, including those for administration, finance, coding, and research.
They even discuss best practices to keep the members of their group hidden and have regulations on how the hackers should handle their codes. RaaS makes it harder to hold a single gang responsible for an assault because several cybercriminals frequently participate in a single cyberattack by working on different stages of the ongoing operation.
According to the IDC report, 77 per cent of the respondents take data resiliency seriously. If so, why are so many companies still facing cybercrimes? Is it because the security is not advanced enough or are there too many vulnerabilities to cover?
Many IT leaders think that they are ready for ransomware attacks when in reality most are not. Many organisations are forced to pay a huge ransom, lose their data, and then take excessively long to recover from such dangerous cyberattacks.
Unfortunately, no one knows what they don’t know until it’s too late. Cybercriminals have extensive experience in finding vulnerabilities and hence, attacks can occur in unexpected ways. It is imperative that IT and business leaders make an open assessment regarding their data resilience and cyber-recovery capabilities. Therefore, the issue is not that the security is not advanced enough or that there are too many vulnerabilities to cover, but the essentiality of implementing data resiliency which is the need of the hour.
Which sectors are the most vulnerable to cybercrime? What are the visible threats to those sectors?
The top five industries which are at a high risk for cyberattacks include public administration, healthcare & pharmaceuticals, finance & insurance, education, and the retail industry since they work with highly sensitive data. These are some of the industries which are the most vulnerable to the rising cases of data breaches.
The cyberthreats in these sectors include government data ending up being stolen for the purpose of financial gain or espionage. Government databases are attacked by malicious actors mainly to obtain strategic information. Another common threat to public administrations is through hacktivism.
Is the IT law adequate enough to fight cybercrimes?
Cyber laws give legal recognition to electronic documents and provide a framework to support e-filing and e-commerce transactions. They also offer a legal framework to check cybercrimes. Indian cyber laws are known to protect several illegal activities in cyberspace. The IT Act is prominent in the Indian legal framework, as it delineates the entire investigative process regarding cybercrimes. One can find laws that penalize cybercrimes in a number of statutes and even in the regulations framed by various regulators.
Is cybersecurity a management issue or a technology issue?
Cybersecurity requires a system or an organisation to adapt and strengthen itself in response to the existing threats and risks that it might be facing. It’s imperative for it to prioritize its data’s security and take action at the right time, hence cybersecurity is clearly a management issue. Organisations’ valuable data and assets are being increasingly exposed to security threats, both external and internal. Threats that encompass theft, sabotage, embezzlement, industrial espionage, and fraud. Cybersecurity management mitigates the risk exposure of organisations by using a range of managerial and social controls, including legal and technological processes.