Virtualization and Cloud executives share their predictions for 2017. Read them in this 9th annual VMblog.com series exclusive.
Contributed by Paula Long, CEO and co-founder of DataGravity
2017 Forecast: Ransomware on the rising horizon
How aggressive should your company's response to a ransomware
threat be?
In today's security landscape, it's a question without a clear
answer. Yes, some solutions on the market can detect when a ransomware attack
is taking place. They can alert users about access patterns and behavior that
follows ransomware's usual patterns. Depending on the solution, following a
manual go-ahead or automatic trigger, the account belonging to the user in
question will shut down. If the initial detection process was correct in
identifying a ransomware instance, an automatic strategy could save the day.
Although the best defense is a good offense, ransomware sensors
may not be correct one hundred percent of the time. By mistakenly shutting down
an innocent user, aggressive response tactics could actually stand in the way
of important remediation work. Along
with beefing up automatic defense, IT teams and vendors alike should consider a
holistic approach to identifying and addressing security risks. Below are a few
ways this focus will play out in the next year.
1. Education and action
plans will move security efforts forward.
Have you ever seen a football team score with only their
defensive line? Data security operates much like football, with defense tactics
only being one part of the recipe for success.
Organizations should operate like sports teams - preparing
their offensive and defensive lines in a strategic way to combat threats. To
find the right balance, you'll need solutions that address different layers of
the IT stack and complement one another in the IT ecosystem as a whole. Some
security threats, such as ransomware, will appear in different ways as they
affect various levels of the stack. If solutions at each level communicate with
one another, from the perimeter to core data storage, your organization will be
able to track the threat's traffic pattern and protect your data.
2. All hands are on deck
for security support.
There's a dwindling amount of dedicated security experts in
today's enterprise. At the same time, the amount and severity of threats are
growing. In the same way that IT solutions adopted a self-service approach
years ago, when automation and virtualization began to dominate the enterprise,
the same shift is now taking place in cybersecurity.
Business leaders and CIOs are encouraging employees to take
responsibility for data security. Education and specific training will be key
aspects of making this effort successful. Insights that recognize suspicious
activity, clear response plans and technologies that identify, manage and
protect sensitive data are also vital. By working together, employees at every
level can make sensitive data protection their goal and adopt policies that
help shut down security threats at the start.
3. Disaster recovery
initiatives will begin to include ransomware.
Many people hear the phrase "disaster recovery" and it conjures
up images of the infamous tornado scene from the Wizard of Oz. And while
disaster recovery plans protect organizations from a variety of unforeseen
issues including natural disasters, they also protect against hardware failures
and human errors. Smart companies test these plans on a regular basis to ensure
that if a hurricane does indeed hit the data center, the company can get back
up and running as soon as possible without losing data or experiencing massive
downtime. In the current security environment, ransomware and other security
attacks are a more common occurrence than natural events. As a result,
ransomware response and recovery will soon become a standard part of DR
planning and testing initiatives.
4. Cybersecurity is
getting personal.
Go ahead, Google me - or your colleague, friend or new contact.
For most individuals, the amount of personal data available to the public is
staggering, including search histories and Internet of Things (IoT) device
information. As this consumer data grows, the type of information that users
consider private and requiring protection is changing. That personal data is
also becoming more available than ever to attackers, causing consumers to
realize they have personal motivation to tighten cybersecurity. This personal
information makes it easier for the attackers to lure you into trigger
ransomware, since the notes they send you could be personalized for you.
Ransomware is a franchise business. Like all businesses, it will continue to grow
and become more suave as the potential for profit grows. Deciding whether or
not to pay the ransom is a hard choice. If
you pay, you are making the business more attractive to those who wish
to pursue this type of business. If the business is not lucrative, perhaps we
will see a reduction in the number of franchises that startup.
##
About the Author
Paula brings more than 30
years of experience in high-tech innovation to DataGravity. She is an industry expert on enterprise data
management, security, protection and storage. Paula has led two major shifts in
data management and storage - the first as co-founder and senior vice president
of products at EqualLogic, where she lead the transition to automated storage
management. This capability is now table stakes for any storage appliance, and
EqualLogic was acquired by Dell for $1.4 billion in 2008. Paula remained at
Dell as vice president of storage until 2010. The second shift took place when
Paula became co-founder and CEO of DataGravity, a leader in data security
focused on protecting data in virtual environments.
Paula's executive and
technical leadership has been extensively recognized, including the New
Hampshire High Tech Council Entrepreneur of the Year award, the Ernst &
Young 2008 Northeast Regional "Entrepreneur of the Year" and a national
finalist for the same award. She is a graduate of Westfield State College.