SURVEY SAYS: YOU CAN DEFEND AGAINST RANSOMWAREIn this NewsBytes edition, we’re sharing the results from a unique data security survey conducted by the LTO Program. The goal was to find out what concerns IT managers have when it comes to ransomware – and what actions they are taking to defend against cyberattack. DOWNLOAD PDF VERSION HERE
Ransomware attacks continue to occur at alarming rates. According to a survey by Sophos, 51% of the participating organizations were hit by an attack in 2020. The average cost to recover from an attack was $1.85M (US)! Businesses are rightly concerned about how to prevent malware attacks and how to recover in the event an attack occurs. The LTO Program conducted a unique data security survey with IT executives to find out what their fundamental security concerns are and what actions they are taking to defend against cyber-criminal activity. Read on to get the key findings that will open your eyes to this on-going nefarious threat.
TOP STORAGE CONCERNS
Respondents in the LTO Program security survey were from a cross section of industries, including media and entertainment, technology and cloud services, government, healthcare, manufacturing and finance. The amount of data they manage ranged from 20 TBs to 200 TBs. What was their top concern? Well, you could probably guess: 35% of respondents stated that Ransomware/ Cyber Security was at the top of the list. The top two reasons why they chose Ransomware/Cyber Security were because they are seeing a rise in ransomware attacks over the last year and because they do not want to risk loss of revenue or reputation.
Not surprisingly, Budget Control came in second for top concerns. This is likely because the expense to recover from a malware attack can weigh heavily on an IT executives mind. The costs to recover from an attack typically involves system downtime, workforce expense, network and system device costs, loss of revenue, impaired reputation, and ransom payments.
Not far behind budget control worries was the third place concern: Exponential Data Growth. This makes sense – IDC has predicted that IT organizations can expect to deal with approximately 7.5 ZB of data by 2025 and organizations are archiving more and more information for analytic purposes to remain
competitive. Happy side note: LTO-9 technology is on the way with up to 45 TBs of compressed data per cartridge to help ease the burden of this data growth explosion.
DATA SECURITY CONCERNS EXPLAINED
The LTO Program security survey respondents were asked to explain their answers which revealed some very insightful data security tactics and practices. Those that listed Ransomware/ Cyber Security as their top concern said the main two reasons why they made that choice were that they are seeing a rise in attacks (52%) and the risk of lost revenue and reputation (40%).
On the flip side, those that did not choose Ransomware/Cyber Security said the top
reason was because they have systems in place to mitigate the risks, which include offline storage. Strategic data protection note: when an LTO tape cartridge is removed from the tape drive it is offline providing an air gap between the tape data and the system which helps prevent cyber-criminal access. In the event of a cyber-attack the offline LTO tape can be used to recover critical data. In addition, the tape can be moved offsite to protect the data in the event of a primary site disaster.
HOW DO THEY PROTECT THE DATA?
Survey respondents were asked which policy or measure is most important in protecting the organization from the impact of a ransomware attack. Little surprise: the top strategy is Offline Data Backup (83%). As previously noted, LTO tapes provide offline data protection when a cartridge is removed from the drive. In addition, LTO technology offers native tape drive hardware encryption, which can protect the data in the event a cartridge was to get into the wrong hands. Closely behind offline data backup for protecting the organization were Employee Education/ Security Awareness (78%) and Strong Antivirus Software (58%).
When asked which actions would be implemented to recover if their systems were impacted by a ransomware attack that locked out critical data, a significant majority said they would restore data with Offline Backups (70%). In a distant second place, 15% said they would restore from a cloud
or a remote backup.
Last but certainly not least, respondents were asked if they keep an offline copy of data via tape, such as LTO tape, and nearly 80% said YES!
PREPARE AND PREVENT
The LTO Program security survey responses are revealing and reinforce the concepts that comprise a solid data protection plan. As noted in a recent LTO BlogBytes article – there are a number of steps that you can take to prepare for and prevent a cyberattack. The FBI published a list of must do protective actions including:
- Backup your data, system images and configurations, test your backups and keep the backups offline.
- Utilize multi-factor authentication. Keep operating systems, software, and applications current and up to date.
- Make sure anti-virus and anti-malware solutions are set to automatically update and run regular scans.
- Create a continuity or incident response plan in case your business or organization is the victim of a ransomware attack.
In addition, it’s important to educate employees on how to safely handle suspicious emails and website links. Also, you should investigate and examine how attackers could access your systems. In other words, plug the leaks in the systems pipes so they don’t leak anymore.
Don’t become a statistic. Put an action plan in place using LTO technology to help secure your data against ransomware attacks. See the compelling benefits of tape against ransomware in a short video here.