A successful ransomware attack can paralyse a business, interrupt operations, cause revenue loss, and hurt customer trust. Prevention is a vital task for IT and security departments, with best practice demanding that the capabilities of a next-gen data management platforms are leveraged, to better manage, govern, protect, backup, and recover, organisations’ data.

The IT environments used by most enterprises are notoriously complex. Many organisations now use a hybrid IT landscape of on-premises and cloud infrastructure, but in a growing number of examples, many now use a multi-cloud environment. These technology advances enable business transformation, but also afford cyberattackers an increased amount of options to mount an attack. 

Why tech startups must address cybersecurity challenges in 2022

Companies in Singapore need to boost their defences, in the face of an alarming increase in ransomware attacks. In 2020 the Cyber Security Agency of Singapore (CSA) reported a 154 per cent increase in cases over 2019. The cases emerged from sectors including manufacturing, retail and healthcare. Ransomware cases reported in the first half of 2021 were more than double the number reported in the previous year. According to the Allianz Risk Barometer 2021, cyber incidents and business interruptions (which ransomware causes) are the leading two threats to business in 2022, ahead of natural disasters (such as floods, earthquakes and fires), further pandemic outbreaks, climate change, and a shortage of skilled workers.

CSA found that the significant increase in local cases was probably influenced by the global ransomware outbreak, with three distinct characteristics – a shift from opportunistic to more targeted attacks, the adoption of “leak and shame” tactics and a rise in “Ransomware-as-a-Service” (RaaS) models.

Billions invested in more security

Across the Southeast Asian region, governments are stepping up their spending on cyber security. The US International Trade Administration reported that ASEAN member countries collectively will invest US$171 billion on cyber security, between 2017 and 2025. Malaysia’s Cyber Security Strategy 2020-2024 allocated US$434 million to strengthen cyber security preparedness and upgrade national cyber security measures. In Singapore, the government’s 2020 Budget committed to spending S$1 billion over three years, to build up its cyber and data security capabilities. In the private sector, major global players are also taking security more seriously than ever. Google, for example, plans to pump $10 billion and Microsoft as much as $20 billion into cybersecurity over the next five years. Despite the huge investment into security, prevention needs to go hand in hand with recovery so that an IT disaster does not turn into a business catastrophe. 

The IT industry globally and regionally is battling total data loss on many fronts. In order to protect applications and data in different environments and meet different service levels at different application tiers, enterprises have historically invested in numerous individual products, each designed for a specific environment or application tier and service level. This fragmented approach not only leads to unnecessarily complex IT operations, but also higher total cost of ownership (TCO), higher risk of data loss and longer downtime.

Surprisingly, disaster recovery isn’t a given. A recent report by Forrester found that though 90% of firms said improving their ransomware attack response capabilities is a top priority, less than a quarter have a business continuity contingency for such an attack.  After such an attack, backups are often fragmented and/or compromised, meaning businesses lose significant time recovering data and restoring applications. Most companies claim to be confident in their ability to recover from ransomware attacks — 77% of respondents in the Forrester report stated that they are confident or very confident in this – but this confidence is generally unfounded. Only 11% of organisations surveyed reported that they could recover the data and restore the applications within three days after a ransomware attack, and on average, these businesses are only recovering 58% of their data after such an attack. A mere 25% are able to recover 75% to 100% of their data. For 15% of respondents, it can take weeks to recover the data and restore their business applications – and two-thirds of respondents who said it takes 15 to 30 days for them to recover data could only restore 25% to 49% of their data.

The impact of ransomware attacks on businesses and organisations can be devastating – whether its small businesses, public institutions, or healthcare providers – with operations and reputations able to be irrecoverably damaged in minutes. Businesses understand this challenge, with 51% noting that they lost customer trust after a ransomware attack, while 43% noted that they lost revenue because their business operations stalled. Worryingly, only 41% indicated that they restructured their business continuity plans, despite their loss in customer trust, revenue, and business partners.

Take strategic action against total failures

Clearly, organisations need to adopt serious measures to enable fast and comprehensive recovery from ransomware attacks. Cloud-based service solutions can save organisations significant sums of money. The unified platform concept helps to quickly return to normal operations in the event of damage. With Backup as a Service and Disaster Recovery as a Service, data can be backed up and restored between in-house data centers or from the data center to the cloud. The platform also supports heterogeneous environments.

Companies need the greatest possible data protection across different environments, application layers and different service levels. At the same time, they need to reduce operational complexity as well as total cost of ownership. Thus, enterprises should rethink their current backup and disaster recovery strategy and ensure that a modern recovery solution is established to complement the backup system. 

A disaster recovery solution must:

  • Simplify operations by consolidating data and workloads across environments and provide automated DR orchestration
  • Automate failover and failback to reduce downtime and data loss
  • Reduce total cost of ownership with a unified platform for backup and disaster recovery that can be used on-premises and as a cloud service

Complementing recovery is the need for a viable backup strategy. The trick is to find a strategy that will return to an unencrypted data point quickly and without major data loss in the event of a disaster. 

To do this, every company should interrogate its current backup strategy by determining where the critical data is located, how much there is and whether it’s on premise, in the cloud, or a mixture.

Ideally, organisations should ensure data resilience and business continuity with a data management solution that integrates data protection and disaster recovery into a single SLA-driven framework across application tiers and environments. After all, for business to run around the clock, applications must too.

This was contributed by Sathish Murthy, Director of Systems Engineering for Cohesity ASEAN / India region

About the author

Sathish Murthy, Director of Systems Engineering for Cohesity ASEAN / India region. He brings in a wealth of experience in the data management industry. Prior to this role, he
was responsible to build a successful tech team at Nimble Storage/HPE. He brings customer experiences in APAC Product Management and Marketing, Systems Engineering and Solution Architect while at companies like EMC and NetApp. Sathish current focus is to help customer transform by harnessing the power of data.