News/Trends

NCPC Act creates new urgency to implement ransomware recovery and cyber security tools

In 2022, cyber security is a non-negotiable top priority for CIO/CISOs, and rightly so. Cyber attacks hit every 11 seconds, cementing security at the forefront of technological innovation and urgent governmental action. Chances are, most global organizations are going to experience ransomware attacks (a key emphasis on plurality here) that will have the capacity to shut down, freeze, and financially impair business.

The U.S.’ National Cybersecurity Preparedness Consortium (NCPC) Act emphasizes cyber threat preparedness through education, tools, and processes. This bill, now on President Biden’s desk, authorizes the Department of Homeland Security to create university-based training programs, in addition to state and local government programs that support first responders, industry stakeholders, and critical infrastructure owners. The U.S. government’s actions to allocate resources for cyber training and education highlight concerns that, if not properly prepared, cyber attacks could potentially affect U.S. infrastructure, key governmental branches, and the economy.

Russian hackers and cyber threats: How do they affect us?

In a press release after the bill passed in the House, Senator John Cornyn (R-Texas) stated that legislation will prevent “potentially disastrous cyber threats from Russian hackers that would weaken our infrastructure and military readiness.” For example, in 2021, Russian hackers executed a ransomware attack that shut down a pipeline carrying almost half of the East Coast’s fuel supplies, causing ripple effects on Americans’ everyday lives, including frustratingly long lines at gas stations along the Eastern Seaboard.

Despite President Biden’s 2021 warning to Russia that 16 specific infrastructures covering telecommunications, healthcare, food, energy, and software are off-limits to cyber attacks, some of these infrastructures have still been compromised — reported by Reuters. In the 2022 Annual Threat Assessment report, U.S. Intelligence warns of Russia’s advancing capabilities to target underwater cables and industrial control systems, both globally and within the U.S. According to Bryan Voldran, an Assistant Director of the FBI’s Cyber Division, Russia is increasingly scanning U.S. energy sector networks looking for vulnerabilities to target.

What does all this tell us? The major push for cybersecurity legislation, education, and warnings of impending attacks on business-critical infrastructure and functionality mean that companies of all sizes and sectors need to stay vigilant and up-to-date on the types of platforms, tools, and frameworks that will protect against increasingly prevalent ransomware and cyber attacks. The commonality and destructive repercussions of ransomware attacks are rapidly escalating, and it’s our responsibility to prepare by deploying solutions to keep our data safe and fully recoverable.

How to protect your business against ransomware and cybersecurity threats

According to a 2022 Garner Report, “Restore vs. Rebuild – Strategies for Recovering Applications After a Ransomware Attack,” automation and orchestration tools are vital for quick endpoint and cloud application recovery. It’s critical to ensure your data is completely clean before restoring, eliminating time-consuming manual security procedures.

In stone-cold reality, protecting and recovering backup data just isn’t enough anymore. IT and security leaders need centralized and actionable insights on security posture across distributed backup data and systems, along with visibility into data, access anomalies for security monitoring, incident response, and root cause analysis. With remote work and hybrid models, both endpoint and cloud applications are increasingly at risk of attack.

3 Non-negotiable pillars to build a comprehensive data and cyber resiliency posture

Data integrity and availability

  • It’s now the status quo for ransomware to delete your backups. The only way to keep your data safe and accessible is with a truly immutable and air-gapped solution, like Druva’s. Truly immutable backups can’t be changed or deleted by an unauthorized or authorized person. If backup companies claim immutability, it’s important to ask whether those backups can be deleted by an authorized person or someone impersonating one.
  • Druva’s unique no OS storage and object-based architecture, including built-in zero-trust security, prevents threat actors from executing in the backup environment, unlike other solutions. Plus, ransomware is built to crawl file systems, so Druva doesn’t use them.

SaaS security and simplicity 

  • Attackers get access through unpatched and vulnerable backup systems, easily exposing legacy applications and hardware to attacks. 
  • A 100% SaaS model delivers fully managed security including vulnerability scans, pen testing, and automatic patching/upgrades.
  • Druva does the security work for you: our security team monitors your backup environment 24x7x365, all without hardware to maintain.

Accelerated recovery

  • Finding and restoring the most recent, clean version of each file is a colossal manual process. You need to quickly and automatically collate encrypted data to restore the most recent, clean files into your environment.
  • Ensure you have orchestration with primary environment security tools, empowering you to automate response actions, like quarantining infected snapshots or resources.
  • Druva’s built-in malware scanning ensures data is clean before restore. Anomaly detection and access insights quickly show what went wrong during an attack, and Druva’s Curated Recovery automatically finds the most recent unencrypted copy of every file or dataset — reducing tedious, manual processes. (A point-in-time snapshot isn’t enough)

Druva’s automated, 100% SaaS platform difference

Modernize the way you protect data by introducing simplicity and automation into your tech stack through The Druva Data Resiliency Cloud. Druva keeps your backup data safe and recovers it quickly and easily. How? A single pane of glass for managing your data and baked-in security without extra deployments or configuration. Quickly stop ransomware by auto-quarantining and automatically isolating potentially infected resources and snapshots to avoid reinfection. Easily understand what went wrong, identify what data was encrypted, and pinpoint if any sensitive data was disclosed. Plus, leverage powerful anomaly detection, access insights, and forensics.

Free and quick ransomware risk assessment

See how your security stacks up with a quick, easy ransomware risk assessment. Understand if you’re prepared to fully recover from ransomware (and other) cyber attacks. Bonus: get your results back in less than three minutes! Sign up for a free live demo to see how you can better protect and prepare for the inevitable, plus, go over your Ransomware Risk Assessment results with a Druva technical expert.

Understand the exact steps to build multi-layered cyber resilience that accelerates complete recovery across data centers, multiple cloud environments, endpoints, SaaS apps, and edge here.

 

 

References