EDITOR ’ S QUESTION
WHAT IS THE CONSEQUENCE OF ORGANISATIONS CONTINUING TO UNDERESTIMATE THE DAMAGE OF CYBERTHREATS AND HOW CAN THIS BE AVOIDED ?
The COVID-19 pandemic has caused a surge in the number of data breaches . In recent times , Facebook and surveillance services provider , Verkada , revealed they ’ d suffered huge data breaches , with over 500 million users and 150,000 video cameras hacked . This is no laughing matter for organisations and it is essential , therefore , that they mustn ’ t underestimate the damage cyberthreats can cause .
David Friend , Founder and CEO , Wasabi , questions why so many underestimate such risks , particularly after a YouGov survey from 2019 indicated that 66 % of companies with fewer than 500 employees didn ’ t believe they would fall victim to a cyberattack . Just 9 % of businesses surveyed ranked cybersecurity as their top business priority . Such stats clearly demonstrate that there ’ s an education gap which needs to be filled across industries , to elevate the importance of this issue .
“ The fact that the enterprise doesn ’ t perceive the risk of ransomware to be a priority is at odds with the amount of damage that ransomware is doing to businesses ,” said Friend . “ In the UK , nearly 60 % of companies struck by ransomware end up paying their attackers , with the average ransomware payout being US $ 84,116 in Q4 2019 .
“ Payouts are just the tip of the iceberg . As ransomware locks users and organisations out of their data , business operations can quickly be shut down for days or weeks , which could risk the livelihoods of many . When you look at the damage done to regular business activity by way of ransomware , it ’ s easy to see why companies are tempted to pay up .
“ In the end , computers and other hardware can be replaced , but in the vast majority of cases , lost data represents the product of countless man-hours of work , which cannot be replaced without huge expense ,” continued Friend .
“ If enterprises want to offset this risk , they must first and foremost develop a rigorous data backup strategy that diversifies where they store their data to spread risk . Backups are a vital part of any organisation ’ s IT strategy and ensuring multiple redundant backups are available helps to reinforce organisational resilience to cyberthreats .”
Friend says that as a minimum , IT decision-makers should be keeping three different backup copies of the same data , with two on different media formats and with one of those kept off-site – what the storage industry calls the 3-2-1 rule .
“ Keeping a backup off-site is key as it allows organisations to ‘ air-gap ’ backups from one another , enabling greater data protection and security through physical distancing . A hybrid cloud strategy can also be of huge benefit when tackling cyberthreats . By combining an on-site dedicated storage system for local backup and setting it up to synchronise with a cloud backup service on a regular basis , data continuity is maintained and the risk of disruption knocking out all sources is significantly decreased . It ’ s also a good idea to have your data stored in different vendors ’ systems so that hacks or even software bugs in one system don ’ t risk data loss globally too ,” said Friend .
34 INTELLIGENTCIO EUROPE www . intelligentcio . com