James Gorman, cybersecurity expert and entrepreneur
When leveraging cloud technologies for their workloads, companies often assume that their current backup strategy is sufficient for a cloud environment. However, having good backups has been a fundamental form of cyber and IT resiliency for over 35 years. Many IT organizations have established backup strategies in the past, but have yet to adopt them to meet new technologies and new threats.
Many organizations store backups in media storage onsite or offsite storage, cloud-based storage, or other company-managed facilities. However, as these traditional strategies and legacy solutions migrate to critical cloud-based workloads, they may need to be better suited to ensure the resiliency and recovery of cloud-based workloads. Because the cloud behaves differently than traditional on-premises systems in that it is programmable, ad-hoc, and on-demand, a different approach to backup strategies is required to ensure resiliency and recovery of cloud-based workloads. Legacy backups can cause problems when migrating to the cloud, are not designed to be cloud native and may need to be more effective at detecting and removing cyberthreats and corruption. Restoring and testing these backups can be time-consuming and disruptive to day-to-day operations. Corrupted backups can cause serious problems when attempting to restore from backup to live production, interrupting and delaying the restore operation. This corruption is especially problematic if the backup itself contains ransomware issues.
Some surprising stats:
- Ransomware attacks hit 80% of organizations in 2021. (Pollock)
- More than 60% of those attacked paid the ransom. (Pollock)
- The average ransomware payout increased to $570,000 from $312,000 in the first half of 2021. (mimecast)
- 58% of ransomware-infected organizations agreed to pay the ransom in 2021, compared to 34% in 2020. (proof point)
- 32% of them had to pay an additional ransom to regain access to their data/systems. (proof point)
- Ransom demands are five times higher when data breaches are involved. And it will happen six times more often in 2022 than in 2019.Arete & Ciencia)
Cybercriminals are becoming more skilled and specialized.
As cybercriminals become more skilled and specialized, they are able to launch attacks that evade detection for extended periods of time. According to one study, the delay between a malware infection and the launch of a ransomware attack is up to 72 days. This delay means that organizations can still restore an infected application even if they “do everything right”, such as having a backup from a month or two ago. Ransomware recovery is a worst-case business scenario. Businesses should implement solutions that specifically protect against ransomware backups. One such solution for the cloud is a cyber recovery service that can ensure application integrity during and after a potential attack.
Cyber Recovery Service
Elastio offers cyber recovery services.
- not just a backup
- In addition to malware detection
- as well as recovery services
- As well as another pretty dashboard
Elastio’s cyber recovery service provides comprehensive protection for your AWS workloads. It not only backs up your data, but also makes sure it is free of ransomware and corruption. Elastio’s technology gives you peace of mind knowing that your backups are malware-free and can be restored. The service also provides a mechanism to restore some or all of your applications without disrupting current operations. You can perform recovery testing to prove your team has completed disaster recovery training and document this for audits such as SOC 2, HITRUST, PCI or CMMC.
Elastio’s founders have extensive industry experience and have been leaders in backup, recovery and data security for decades. Deduplicated for cost effectiveness. download guide Protect cloud backups from ransomware for more information.
About the author
James is a cybersecurity expert and entrepreneur with experience securing, designing, deploying, and maintaining large-scale, mission-critical applications and networks. James has led teams through several FedRAMP, NIST, ISO, PCI and HITRUST compliance audits and has helped numerous companies formulate their compliance and infrastructure scalability strategies. His previous leadership roles ranged from VP of Network Operations and Engineering, CTO and VP of Operations at various companies such as GE, Epoch Internet, NETtel, SecureNet, Transaction Network Services, AuthX, Certify Global, SecureG, and Cyber Defense Media Group. do. and one page.
James can be reached online (jgorman@cyberdefensemagazine.com, @jgorman165, etc.) and on the company website. https://hard2hack.com/