All insights

Listening in on Ransomware Roundtables in Light of New Data

Tom Christensen Tom Christensen
Global Technology Advisor & Executive Analyst, Hitachi Vantara

June 01, 2022


Ransomware readiness is a team sport. That’s the key finding from a new study from ESG Global, “The Long Road Ahead to Ransomware Preparedness.”

According to the study, 79% of organizations have been exposed to ransomware, 41% have been victim of a successful attack, and 32% have been hit sporadically every month. Attacks are on the rise because it’s easier than ever for criminals to launch an attack, and because organizations are paying the ransoms to free their valuable data.

This new data compelled me to revisit a couple virtual roundtable events with C-Level and senior peers that focused on the power of collaboration to try and thwart ransomware attacks. In these sessions, held by VMware’s Meet the Boss, and then by Nimbus Ninety, we looked to extract insights about strategies that can lead to greater ransomware resiliency.

I first mentioned these roundtables in an blog in February, but now I’d like to delve into the conversations to explore the concerns and actions of the enterprise – from enterprise leaders – as compared to the latest findings from ESG. Here’s what they had to say.

Ransomware attacks persist

Within this new distributed environment, roundtable participants agreed that successful ransomware strategies include a methodological as well as a technical approach. Training employees across the organization is paramount, with the old corporate adage of “security by design” no longer making the cut. However, the core principles of data security remain the same. Employing the multi-layered approach of access and identity management, understanding the principles of Cloud and IoT, and utilizing analytics to identify anomalies all contribute to the methodological and technical advantages.

Preparation was identified as key to safeguarding against attacks. In fact, most agreed that organizations need to develop muscle memory in their capacity to respond to attacks. Once this is developed, they are able to respond to threats more quickly. One of the roundtables concluded with a resounding agreement that there is indeed a third pillar to be added to the guide to recovering from ransomware: methodology, technology, and culture.

Ransomware is not an IT problem alone

During one of the events, a lively debate ensued about how ransomware attacks are no longer merely the concern of “techies.” There was agreement that it is now a greater issue than the technological sphere and should be analyzed from a strategic and operational level. Organizations frequently end up in a state of “board paralysis” during these attacks, unable to decide whether to negotiate with attackers and if so, how is this done and by whom? All employees need to be educated on, and prepared for, ransomware attacks to allow for rapid decision making and preparedness to mitigate the impact of ransomware by removing the silos between IT teams and executive decision-makers.

Investments are coming from a combination of IT, security, and data protection groups. ESG’s research, Data is the Business, states that data must be de-risked, protected, made compliant, and leveraged to treat it like the business asset it has become. Hitachi Content Platform provides data quality, compliance, and protects data from the end-user to the edge and the core. In the case of a HCP customer data protection customer, ransomware readiness was key to implementing the right infrastructure resilient solution.

Several organizations, including the CIO, infrastructure team, compliance organization, and security team were involved in evaluating a secure platform for their users to securely access and share data. They also needed buy in from their end users. Therefore, they invited 20 key executives who were not IT savvy to provide feedback on user experience. Stakeholders decided that HCP would help realize their vision of a “Digital Workplace” to improve productivity, enhanced data security, and user protection.

Paying is not a strategy

It was acknowledged that security experts are always in crisis mode, with their primary state being alert and defense. This makes innovation difficult as organizations are usually one step behind the attackers. According to ESG, more than 50% of organizations are paying to get access to data again which demonstrates the inefficiencies of current ransomware strategies. Only 1 in 7 companies reported getting all their data back post payment. And one of the top implications of ransomware attacks is productivity loss due to downtime with no data access, waiting to reestablish access, and rework to recreate data if unrecoverable.

Your safety net against ransomware attacks

Participants in these recent roundtables concurred that the “basics” must be done right for any strategy to work. There needs to be automation of the recovery process and being able to create a secure zone environment where it is possible to isolate server or application pool to proactively test protection copies for recovery. The backup solution at the end of the chain is your last safety net, but there is much to get in place before then. The ESG ransomware readiness report states that 49% of companies report that they are taking extra measures for all their backup copies. If all the backup infrastructure is gone, you still have a valid copy of your data that cannot be overwritten.

The focus should be on mitigation rather than recovery with a holistic view of an organization’s ransomware strategy. Let’s face it, the cost of a ransomware attack is so enormous that mitigating that risk with a well-prepared solution that can repel attacks, makes sense every way you look at it. This is possible with a modern, elegant approach to unstructured data and a second layer of immutable storage to protect your most vital data assets.

I’ll continue to examine the state of ransomware in future musings but please feel free to explore more about Hitachi Vantara solutions and guidance that may help you:

 

Check out more great stories on Insights.


Tom Christensen

Tom Christensen

Tom has +30 years' experience in data center modernization, from compute and data infrastructure to hybrid and multicloud, applications, DataOps and big data analytics. He writes extensively about technology and advocates for sustainability and social innovation.