Virtualization Technology News and Information
Zerto 2022 Predictions: Looking to continuous data protection in the midst of ransomware attacks

vmblog predictions 2022 

Industry executives and experts share their predictions for 2022.  Read them in this 14th annual series exclusive.

Looking to continuous data protection in the midst of ransomware attacks

By Caroline Seymour, VP of product marketing, Zerto, a Hewlett Packard Enterprise company

According to a recent IDC survey, a disturbing 95.1% of organizations have suffered a ransomware or malware attack in the past 12 months, so it's no surprise that the subject is a major topic of conversation in just about every boardroom. While organizations may differ on the particulars of their cyber protection strategies, all should recognize that downtime is one of the most expensive parts of an attack and the average downtime a company experiences after a ransomware attack is 21 days. Continuous data protection can provide organizations with the means to mitigate concerns about data loss and downtime, ultimately enabling them to quickly recover from cyberattacks. To get a holistic view of the challenges around ransomware attacks, I've spoken with several Zerto team members to have them share trends to look out for in the new year:

Recovery needs to be the focal point

"It shouldn't be news to anyone that ransomware is the cybersecurity challenge of the moment. It's here and affecting everyone. As we head into a new year, it's important everyone gains a clear understanding of how attackers are evolving and how best to strategically protect organizations from attacks and the impact they have on business.

Attackers are getting smarter, and the payouts are getting larger and more widespread-two alarming trends. If you dissect the anatomy of recent attacks, you'll see that cybercriminals are targeting companies that can be the most hurt, are the most defenseless, or are the most likely to pay out large sums of money. So, if you are a CEO or CIO of an organization, it's irresponsible at this point not to have a proven ransomware response plan. Any organization can fit the target characteristics for today's cybercriminals, and it's become simply a matter of time until your organization's number is up.

The ability to recover should be a focal point of any security plan. This will be defined by how quickly you can stand up your systems and get them running again. However, in our accelerated digital age largely brought on by COVID, too much can happen overnight or in three to five days for the traditional back up model to be good enough. Recovery solutions need to modernize to fit what the world has become. They need to be continuous and able to keep applications running 24/7 even in the face of disruption or threat. Ultimately protecting all of your data all of the time. 

Data protection that meets the demands of the moment can't just be an item on a checklist in 2022. It's a must-have that is a critical investment for every organization. What started with simple encryptions that could be downloaded from a Google search and then executed as a simple ransomware attack is now targeting the most high-profile, sophisticated, and relied upon organizations in the world. Unfortunately, the danger will continue to grow but it's on us to ensure that our resistance to it stays a step or two ahead," commented Avi Raichel, VP of GTM, Zerto.

Don't just assume you're protected

"It shouldn't be a surprise to say that in 2022 we're going to see a continued increase in the severity and volume of ransomware attacks. In response, we will see a growth in the ransomware-as-a-service market, which is able to propagate new versions and new methods in a much faster way than before. Whether you are a small business or large enterprise, at some point you will be targeted by a ransomware attack that will try to get into your system and encrypt your critical data. We will continue to see an increase in state-backed criminal syndicates that carry out much more tailored and aggressive campaigns.

In 2022, ransomware attacks will continue to evolve and target critical data anywhere. These attacks will not be solely focused on VM data anymore; SaaS and containerized applications will more frequently be in the crosshairs for cybercriminals. We will continue to see container-specific malware attacks focused on data exfiltration, crypto jacking, and encryption.

This coming year and the following will be very dangerous because companies are not mature enough in their approach to protecting containerized and SaaS applications. Many organizations are still trying to figure out where that data lives, and they assume that the vendor-Kubernetes or OpenShift for example-is responsible for protecting their data. Unlike virtualized environments that have disaster recovery built-in, the reality is that those open-source vendors are limited in that capacity, and enterprises can't always assume their SaaS and containerized data is protected.

Therefore, every organization in 2022 needs a data protection plan in place that covers all data-no matter where it lives," said Andy Fernandez, senior manager, product marketing, Zerto.

Disaster-recovery-as-a-service (DRaaS) will become crucial

"Disaster-recovery-as-a-service (DRaaS) will become a key necessity for many organizations and its adoption will skyrocket. The rise in volume and severity of ransomware attacks and growing threats due to climate change, combined with the financial impact of downtime are driving organizations to take disaster recovery seriously.

Most organizations are looking to offload capital expenditures and only pay for what they use. DRaaS, managed or unmanaged, allows companies to eliminate the costs and administrative overhead of managing and maintaining their own purchased secondary sites. Why refresh hardware every couple of years? Why allocate time, resources, and labor to something that doesn't drive revenue? DRaaS brings organizations a rapid, efficient way to reduce costs and only pay for the applications that need protection.

Apart from capital investments, many organizations do not have the time and administrative overhead required to stand up a secondary data center. DRaaS brings the fastest approach to protect critical workloads," said Ziv Kedem, co-founder, VP and GM, Zerto.

Adoption of product applications

"One trend that will gain momentum into 2022 is the adoption of production applications on containerized platforms by more enterprises.  

Many organizations are already using containers for non-production applications. As the underlying technologies have matured to meet enterprise needs and coupled with new applications becoming business critical quickly, the opportunity for deploying production applications directly on containers has arrived. In 2021 many businesses ‘dipped their toe in' and started to move more containerized applications into pre-production, but in 2022 trend this will rapidly evolve as the barriers have been removed. We will see a wave of organizations adopting containerization and its many benefits. 

Using containers saves time, money, and licensing costs. Any organization switching to a container-first strategy can be more efficient at delivering applications, while lowering costs. However, there will be some challenges along the way: as containers become the norm for production, its mainstream status will make it more susceptible to cyberattacks like ransomware, leading customers to look for data protection capabilities.

Despite its comparatively short life as a new technology, containerization has rapidly become the foundation of the digital era: improving agility and accelerating innovation. In 2022, we'll only continue to see this rapidly evolve." said Deepak Verma, VP of products, Zerto.

In-Cloud and SaaS Data Protection

One last thought I'd like to offer is about the acceleration of cloud data protection. Most organizations today employ a cloud first strategy, and we continue to see that trend accelerate. According to Gartner, more than 45% of IT spending will have shifted to cloud by 2024 (up from 33% in 2020). This means more and more workloads and applications are moving into the cloud creating a need for disaster recovery to protect against disruptions there. Lastly, organizations must ensure that their SaaS data is fully protected. A common myth is that SaaS data is protected by the SaaS vendor. It is not! It is the responsibility of the organization to protect against human errors, malicious attacks, or any other disruptive events.



Caroline Seymour 

Caroline Seymour is the VP, Product Marketing for Zerto, based in Boston, US. In this role Caroline leads the overall product marketing strategy and execution for Zerto. Prior to Zerto, Caroline was at IBM for nine years and before that Cognos. Caroline has a wealth of experience in the Enterprise software space from the many roles she has held in Europe and in North America.
Published Thursday, December 16, 2021 7:29 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<December 2021>