Survey Reveals Lack of Confidence in Ability to Recover Data
A survey of 1,121 IT decision-makers at organizations with 100 to 2,500 employees that have more than 5TB of data found that as the volume of ransomware attacks rises, less than a quarter (23%) of respondents were confident in their ability to recover lost data.
The survey, conducted by Dimensional Research on behalf of Arcserve, a provider of backup and recovery software, found half of respondents have already been targeted by ransomware attacks, with 11% having had their data maliciously encrypted. Among those that ransomed their data, 35% reported their organizations were asked to pay over $100,000 in ransom payments, while 20% asked to pay between $1 million and $10 million.
Not surprisingly, 92% of all respondents said they are now making additional investments to protect against ransomware attacks, with the top areas of investment being security software (64%), training and certification (50%) and managed services (43%).
A total of 58% said they will rely on existing backups to restore operations as quickly as possible if a ransomware attack occurs, but only 35% said they have data backup and recovery capabilities in place required to support all remote employees.
Ahsan Siddiqui, director of product management for Arcserve, said too many organizations still underestimate the impact ransomware attacks can have on their business. The assumption is that after making a payment—that will be covered by cyberinsurance—they will regain access to their data. In reality, cybercriminals may opt to double-dip by asking for an additional payment in exchange for a promise to not publicly publish data on the dark web.
Worse yet, even after payment is made, cybercriminals often share the techniques they used to make the initial attack with other cybercriminals gangs. Then, the same organization is repeatedly targeted because they’re willing to pay a ransom.
Most organizations that have been through a ransomware incident quickly realize that, given the costs and ensuing level of disruption, it makes a lot more sense to invest in data management and protection platforms that enable them to access pristine copies of their data, said Siddiqui.
Unfortunately, there’s no way to prevent ransomware attacks from being launched in the first place. The challenge is finding a way to limit their scope and recover as quickly as possible. Time is quite literally money in these cases, so the speed at which data can be recovered matters more than ever.
Sadly, too many organizations don’t test whether they can recover data until it’s too late. Nor do they check to make sure that cybercriminals haven’t first encrypted all their backup data before moving on to the data residing in production environments. More than a few ransomware victims were surprised to discover that cybercriminal gangs are one step ahead of them. Just in case, it’s important to ensure access to copies of data residing in multiple repositories.
In the meantime, after more than two decades of theoretical discussions, it’s clear the convergence of cybersecurity and data management is finally starting to occur. The only issue that needs to be resolved is determining whether traditional IT or cybersecurity professionals are responsible for which aspects of security and data management and protection.
