A survey
of companies over 500 employees across all industries revealed that 6 out of 10
organizations have experienced some form of cyberattack targeting their data
storage in the past 12 months-but less than half follow proper steps to defend
against emerging cyber threats and ensure quick recovery.
The
survey, conducted by Nexsan, showed that while
respondents generally understand the importance of protecting data, including
backups, from cybercriminals, the measures and practices they have in place are
insufficient to safeguard the storage infrastructure and avoid excessive
downtime when restoring data.
Among the
findings:
- More than 90% of organizations indicated that they perform
regular backups with offline copies to prevent ransomware attacks, but only 40% utilize
immutable backups to guarantee the safety, security and immediate
availability of their data.
- Less than 5% have no cybersecurity measures related to data
storage at all.
- Thirty-one percent of organizations conduct
security audits or assessments of their data storage infrastructures "as
needed" with 28.57%
performing audits annually; 21.43%
quarterly; and 19.05%
biannually.
- More than a quarter of respondents do not formally
assess the effectiveness of their cybersecurity measures, and only 12%
conduct monthly data recovery exercises. Most troubling: almost a third
perform no regular testing at all to verify their ability to recover from
an attack.
- Seventy-seven percent of respondents believe that
downtime from a breach should be less than 24 hours. Fewer than a third (32.5%) are
confident they could fully recover business operations within hours or
minutes of a cyber incident.
Nexsan
experts advise immutable backups, which are impervious to alteration, deletion,
or encryption by the malware vector. Regularly testing data protection systems,
including monthly "dress rehearsals" of attack scenarios, ensures cybersecurity
measures work as intended. While the expectation of recovering within 24 hours
is acceptable, without proper defenses and testing, organizations should have
more realistic expectations.
"Cybercriminals
have become more sophisticated, and exploit vulnerabilities in backup and
storage systems to affect both primary and secondary data," said Charles
Burger, Director of Cybersecurity Solutions at Nexsan. "This survey revealed
that even organizations that have been victims of cyberattacks are often
failing to ensure they are fully protected, and it's incumbent on vendors to
engage in better education about cybersecurity threats and defenses."
Nexsan has
developed a portfolio of solutions with data protection and recovery in mind.
The company's Unity NV6000, a unified storage system with built-in immutable
snapshots, Amazon S3 support and enhanced disk-to-disk backup capabilities is
tailored to meet the demands of modern IT environments. Unity NV6000 excels in
consolidating SAN and NAS workloads while simplifying storage infrastructure
management. Its adaptability, reliability, data protection, scalability and
streamlined management ensure organizations are positioned for long-term
success in the ever-evolving digital landscape.
Offering
built-in security, compliance and ransomware protection through its immutable
volume and file system snapshot feature, which provides a robust defense to any
accidental or malicious alterations, Unity NV6000 provides high availability
with dual-active controllers to enhance data redundancy, reducing the risk of
disruptive downtime and ensuring uninterrupted business operations. When
utilized in conjunction with Nexsan's Assureon active data vault, SMEs enjoy
unbreakable backup for the ultimate in data protection.