Ransomware was the top cybersecurity threat in 2021 and will likely remain the biggest threat in the coming year. Despite this, many security experts will continue to miss the mark when it comes to protecting against ransomware attacks.
Industry advisers tend to focus on perimeter security solutions and anti-phishing training for employees. These methods are already well-known and widely implemented, yet the attacks continue. Clearly, there are still holes. Increasingly sophisticated phishing emails and texts deceive even the wariest users, at least some of the time. A firewall only needs to be misconfigured for a short time to create a dangerous exposure.
The fundamental problem with this perimeter-focused cybersecurity strategy is that defenses must perfectly perform every time, while a cybercriminal only needs to win one time. For most organizations it’s only a question of “when” not “if” they will become a victim and must deal with the financial, operational, and reputational fallout. The key is to minimize potential damage via a proven recovery path. If you can quickly restore operations and not pay ransom, your organization can avoid being front-page news.
Fortunately, the technology to protect your data exists and is well proven: maintain an immutable copy of your backup data. An immutable copy prevents cybercriminals from encrypting, altering or deleting backup data, so your organization can recover using standard backup and recovery workflows and without paying one cent of ransom.
Immutable storage systems feature military-grade ransomware protection, are supported by data protection software vendors, and are available from enterprise storage providers. Best of all, this approach costs no more than backing up to unprotected media. It’s like a free insurance policy. Despite this, many talking heads continue to push legacy solutions that are costly and will ultimately fail. That is where experts will continue to miss the mark.