Freely subscribe to our NEWSLETTER

Ratan Tipirneni, President & CEO at Tigera

The rapid pace of digital transformation continues to create new opportunities–and threats–for today’s organizations. The increasing availability of Ransomware-as-a-Service, a model which offers bad actors sophisticated vulnerability distribution while simultaneously isolating them from the risks of the trade, will lead to a worsening security situation for unprepared enterprises. This World Backup Day, enterprises and small businesses alike must remember that security is not a one-time effort; it’s an ongoing process that organizations of all sizes must prioritize. As the threat landscape changes and evolves, businesses must constantly re-evaluate and adapt their security measures to stay ahead of potential threats, prioritizing key best practices like regularly backing up data.

Narayana Pappu, CEO at Zendata

With average data generation growing at 24.1% annually, organizations are spending more money year-over-year on storage, computing, and backup. Privacy regulations that mandate organizations to allow data deletion or portability only increase complexity by requiring organizations to keep multiple copies of information by user case. For example, a fintech company might allow users to delete their information and close their accounts, but they might have to keep a copy of the information for compliance and regulatory requirements. Organizations can save significant spend (a typical enterprise spends more than $10 million on backups) by using AI-enabled automation to evaluate the quality of information they are backing up, remove duplication, and ensure recovery of the most valuable data quickly in case there is an incident.

Matthieu Chan Tsin, VP, Head of Cybersecurity Services at Cowbell:

In today’s evolving cyber threat landscape, cyberattack techniques and tactics are more sophisticated than ever before. Companies are no longer asking themselves "if" they’ll be attacked, but "when", and must focus on ways to mitigate the impact of a compromise. While data backups may seem simple, they are a fundamental component of comprehensive risk management and incident response strategies. This World Backup Day, organizations should recognize the impact backups can have on:

Data recovery: Enterprises have access to valuable data, making them extremely vulnerable to cyberattacks. Regular backups serve as a way to restore systems following a compromise or internal failure. In case of an attack, backups can help minimize downtime when trying to recover data, ultimately reducing the impact of an attack.
Ransomware Mitigation: Ransomware attacks are detrimental to organizations since their internal networks are compromised, and they often have to pay hefty sums to recover them. By gaining access to and extracting the most valuable information, threat actors can command higher prices for the organization’s most sensitive data. Having up-to-date backups enables cybersecurity professionals to recover data and files, avoiding giving into ransom demands.

By prioritizing backup solutions and practices, enterprises can enhance their resilience against cyber threats and mitigate the impact of attacks on their operations.

This World Backup Day, organizations should recognize the impact backups can have on:

Data recovery: Enterprises have access to valuable data, making them extremely vulnerable to cyberattacks. Regular backups serve as a way to restore systems following a compromise or internal failure. In case of an attack, backups can help minimize downtime when trying to recover data, ultimately reducing the impact of an attack.
Ransomware Mitigation: Ransomware attacks are detrimental to organizations since their internal networks are compromised, and they often have to pay hefty sums to recover them. By gaining access to and extracting the most valuable information, threat actors can command higher prices for the organization’s most sensitive data. Having up-to-date backups enables cybersecurity professionals to recover data and files, avoiding giving into ransom demands.

By prioritizing backup solutions and practices, enterprises can enhance their resilience against cyber threats and mitigate the impact of attacks on their operations.

Darren Guccione, CEO and Co-Founder at Keeper Security

Ransomware is among the most common cyber attack vectors globally, according to a recent Keeper® survey of IT and security leaders. As attacks continue increasing in volume and severity, regularly backing up data to the cloud can help both enterprises and small businesses protect and restore data without having to pay a cent of ransom. Adoption of a zero-knowledge, zero-trust solution can help simplify protecting cloud backups and have the added benefit of mitigating the impact of ransomware attacks. A zero-trust security model with least privileged access and strong data backups will limit the blast radius in the event that a cyber attack does occur.

World Backup Day reminds us that despite the growing number of sophisticated malicious actors and the ever-evolving threat landscape, strategic solution adoption and following simple best practices can protect organizations against devastating cyber incidents and mitigate the effect of a successful attack. Strong identity and access management at the front end will help prevent the most common cyber attacks that can lead to a disastrous data breach. A proactive cybersecurity strategy and prudent investment are crucial, because no organization is immune to attack.

John Anthony Smith, Founder and CSO at Conversant Group

Business continuity and disaster recovery (BC/DR) is often top-of-mind for executives in mitigating risk to the business. Backups are arguably the top control in reducing the impact of the three major types of data loss events: Human error related, natural disasters, and the most destructive (but least considered) of them all: threat-actor-caused mass destruction events.

The tactics and techniques of ransomware actors have always been rapidly evolving. However, in the past two years, we have seen an increase in the rate of evolution of the complexity, speed, sophistication, and aggressiveness of these crimes. Old approaches of being alerted to "security behaviors," then researching and responding to those threats, no longer work because dwell time is too short, and attacks are fast, aggressive, and frequent.

Few companies are adequately protecting their ability to restore their systems in case of a mass destruction event; and because breaches are more destructive than ever, ensuring that backups are immutable, redundant, resilient, and all pathways to them are secure and survivable is paramount. One challenge is that the definition of "immutable" varies by product manufacturer. Many do not offer true immutability (or, the inability to delete, alter, move, or destroy data unless preset, prewritten retention expiration times are satisfied). Even if a product is immutable, there must be proper security orchestration around these backups to ensure they are isolated from the network environment and that all access to them is appropriately restricted and secured.

IT and security teams must encourage and enhance backup protocols when it comes to protecting the organization’s valuable data because once data is lost forever, many companies never recover. Security should work backwards in the breach progression. Threat actors work with the end goal of encrypting and destroying backups and production data in mind to leave organizations with few options; so security should begin by ensuring resilience. Once backups are secured against threat-actor-caused mass destruction events, the organization is also properly secured against human error and natural disaster scenarios, ensuring a stronger BC/DR stance. 

Glenn Gray, Director of Product Marketing at Auvik

IT teams face a daily onslaught of requests, tickets and other maintenance activities, and configuration backups are not always at the top of the list of priorities. However, network backups are imperative to business compliance, continuity and profitability. According to new data that will be published on April 4, there is a significant discrepancy between perceptions of the C-suite and IT technicians when it comes to network configuration backups. In a survey, C-suite respondents were more likely to report daily configuration backups (36%) compared to technicians (20%). The discrepancy indicates that either management is not aware of the real amount of work going into configuration management tasks, or technicians are simply too time-strapped and over-burdened to adhere to company policy when it comes to network backup frequency. The latter is highly likely, as another part of the research also indicated that configuration backups is one of the most commonly outsourced network related tasks/activities, with 42% of respondents indicating this is outsourced. Other parts of the research point to a lack of skilled workers and difficulties with hiring as a critical challenge facing IT teams this year leading to even more capacity issues.

To stay on top of network backups and documentation, IT teams must look at automating these functions as much as possible. Investing in the right resources and tooling, such as the adoption of network management platforms with automation tools, can help ensure that organizations adhere to their security and compliance standards. By employing these automation tools, organizations can prevent overburdening their employees with menial but necessary tasks.

Richard Sorosina, Chief Technical Security Officer at Qualys

Performing regular and thorough backups is critical, and should definitely be a part of every organization’s cyber resilience strategy. That said, attackers are now aware that it is common practice to create backups and have adapted their tactics accordingly. Ransomware gangs no longer only target the big fish anymore. They are opportunistic attackers, looking for easy targets who will be most likely to pay up. That includes small-medium enterprises that will be more impacted by a breach, which is why it’s so important to measure, communicate and eliminate one’s cyber risk.

This World Backup Day, it’s my hope that organizations will consider their holistic approach to security – starting with backing up their data, to reviewing their overall cyber hygiene and security posture to include simple steps that can help ensure their organization’s and customer’s data is safer and more secure.