Industry executives and experts share their predictions for 2019. Read them in this 11th annual VMblog.com series exclusive.
Contributed by Lynn LeBlanc, CEO of HotLink
Cloud Backup and the Security Challenges Ahead
Bad actors are constantly innovating in order to penetrate their targets'
cyber defenses, and that innovation is paying off - for them. The rapid growth
of disaster recovery as a service (DRaaS) and backup as a service (BaaS)
reflects IT's recognition that any number of compromises, including cyber
threats, are regularly impacting production environments and a cost-effective
safety net is needed.
What's less obvious is the cloud backup risks when latent malware,
phishing attacks, data extraction programs and other security breaches
propagate into DRaaS and BaaS systems. It's more important than ever to understand
the new patterns of cyber threats and practical strategies to thwart them.
Cyberattacks are soaring, and small and midsized businesses (SMB) are
increasingly the victims. Close to 70 percent of SMBs surveyed for a Ponemon
Institute study last year reported a
cyberattack that evaded their intrusion detection systems, and more than 80
percent said malware slipped past their antivirus software. Ransomware is also
on the rise. Close to 55 percent of these companies said they were attacked by
ransomware, in many cases multiple times.
Current security methods are falling short
With cyber criminals becoming more aggressive and agile,
businesses need to rethink their approach to cybersecurity. Simply stepping up traditional
defenses, such as firewalls and antivirus solutions, and enlisting users in the
battle won't protect against more sophisticated, pervasive attacks.
A key issue with next-generation cyber warfare is the latency
effect. While simple attacks of the past reveal themselves quickly, newer cyber
threats can lay dormant for months. In fact, new research shows that the
average time it takes for a company to identify newer strains of malware is over
six months!
These dormant cyber threats surreptitiously propagate into backup
systems, rendering restore points potentially unusable or even dangerous to
recover. Thus, IT cannot assume their current backup and disaster recovery
insurance policies will always provide a reliable fallback solution when cyber breaches
impact production systems. As with most rapidly evolving IT problems, next-generation
technology is critical, and the market is responding with new cybersecurity defense
tools.
If you don't automate today, you may not be here tomorrow
As threats continue to escalate, no industry is immune - any
business involved in e-commerce is potentially vulnerable. The midmarket is
particularly vulnerable. IT resources are limited, and dedicated security
professionals are rare. Constant patching, implementing software upgrades and
deploying new tools is time-consuming, labor-intensive and stretches IT to the
max.
The only viable option to defend against next-generation cyber
threats is automation - including tools that specifically analyze and protect
DRaaS and BaaS repositories. Security automation can help focus organizations on
the problems that need immediate remediation. For example, backup data sets can
be analyzed at a very granular level to identify latent threats, possible
security risks and provide other meaningful analysis for security purposes. These
new solutions can even correlate threat intelligence feeds with backup data set
fingerprints, helping teams identify and counteract hidden anomalies or
malicious threats that have been lurking undetected.
Proactively analyzing backup data sets can help spot ransomware,
malware, data extraction and other threats from external sources, and internal
anomalies resulting from bad actors can also be revealed. While IT's firewalls
and antivirus platforms will continue to deflect many threats, these tools
won't be enough to protect critical operations going forward.
Tackling the security squeeze with innovation
Clearly, the midmarket has its hands full, yet security must be top
of mind in today's high-risk environment. With constrained budgets and small IT
teams, companies have limited resources to spot, triage and remediate each new
security threat that has infected data protection systems. Without innovation
and automation, the necessary level of testing of backup restore points will be
impossible to achieve in a reliable, straightforward and cost-effective way.
MSPs can and should play a key role in cybersecurity automation
for next-generation threats to DRaaS and BaaS systems. The latest automation can
provide the safety net end users need to remedy security threats affordably and
practically. Cybersecurity protection offerings can be a substantial
differentiator for service providers, as well.
The escalating frequency of cyberattacks on companies of all sizes
and in every industry requires IT pros to urgently identify options to respond
to the threats that take business offline for days, weeks or more. Most
companies today rely heavily on IT systems for wide-ranging aspects of
operations as well as revenue generation, and downtime is no longer an option.
Fortunately, next-generation innovation is here to help tackle the midmarket
cybersecurity squeeze.
##
About
the Author
Lynn LeBlanc, CEO and
founder of HotLink Corporation, has over 25 years of enterprise software and
technology experience at both Fortune 500 companies and Silicon Valley
start-ups. Prior to founding HotLink, Ms. LeBlanc was founder and CEO of
FastScale Technology, an enterprise software company acquired by VMware, Inc.
With a proven track record of successfully bringing emerging technologies to
market, her extensive career includes SVP and VP roles in general management,
marketing and business development at industry leaders including Cadence Design
Systems and Octel Communications as well as acquired start-ups iReady
Corporation, ILEX Systems and Atherton Technology. Lynn also served as VP of
Marketing and Business Development at Scyld Software and spent her early career
at IBM Corporation.