Ransomware defense starts with smarter backup and recovery plans

State IT leaders can reduce the cost and disruption of ransomware threats by proactively safeguarding data before it’s attacked, report says.
ransomware
(source: StateScoop)

If state government leaders are resolved to avoid the disruption and expense of a ransomware attack, they must ensure their agency has necessary data backup and recovery systems and strategies in place, say security experts in a new report.

Data recovery can be complex for agencies, which are measured by how quickly they restore operations following a ransomware incident. But if they are to strengthen their networks, cyberdefense is only one part of the solution to mitigate threat risks.

ransomware

Read the full report.

Modernizing backup and recovery with cloud-based platforms would allow agencies to capture insights from data and develop comprehensive data protection strategies, asserts the report, produced by StateScoop and underwritten by Veritas Technologies.

The first step toward building that strategy is to discover what data your agency has and where it lives, said Rick Bryant, national healthcare architect at Veritas. He emphasized the importance of having a tool that allows an agency to map where data is located and who has access to it.

Unfortunately, budget pressures remain a challenge for many agencies. According to a StateScoop survey, underwritten by Veritas, 42% of agency respondents cited lack of budget as a major obstacle to their efforts to defend against ransomware

The risk now posed to enterprises, Bryant shared, is that modern-day ransomware attacks look for backup workloads to encrypt first. He explained that this progression in attacks is due to ransomware developers ensuring that the targeted organization can’t back up affected systems.

As the attack on the city of Baltimore in May 2019 made clear, state and local agencies may find themselves financing a more modern and effective backup and recovery system whether they want to or not — but taking proactive action on backup plans would be preferable to having to do so after an incident.

Mike Malaret, Veritas Technology’s director of sales engineering for the defense and intelligence communities, shares how Veritas solutions are equipped to collect metadata on all the files that exist within an organization. “If we can detect anomalies within the environment and remediate them prior to actually worrying about them getting caught in the backup site, we’re in a much better place,” he said.

Investing in better backup controls can help agencies future-proof their ransomware protections, to protect data both on-premises and in the cloud, the report says.

Through Veritas’ Information Studio, they are able to provide visibility, targeted analysis and informed action on data to identify areas of waste, risk and value. With the power to organize data and take informed action, organizations can be confidently prepared to handle security concerns, new regulations and continuous data growth.

Bryant recommended that agencies take steps to appropriately tier their data based on its relative value. “If data hasn’t been accessed in six months, move it to a lower tier, a lower accessibility level, or delete it,” he said.

Read more about improving backup and recovery for data to mitigate cyber risks.

This article was produced by StateScoop and sponsored by Veritas Technologies.

Latest Podcasts