When we talk about ransomware attacks, we soon know that we are talking about a high financial impact on the company in addition to the loss of important data. Ransom payment is not always the only impact we have, as we have already talked about the worst ransomware attacks, it often impacts sales, lack of consumer/user trust, process interruption, etc. All this means losing money and we don't want that.
In 2021, the average ransomware payment was over half a million dollars. Along with that increase of about $200,000, insurance companies have increased their rates by 92% as well. So we need solutions that prevent the attack and help us not to be financially impacted by being attacked if that happens. Pure Storage has written 5 tips on how to minimize these costs that we bring today.
Back up your data and test your backups frequently.
If you've taken an offsite backup of your files, you should still have access to your data if cybercriminals try to steal it and hold it hostage. But what about the speed of your recovery? Regularly testing your backups – which many organizations don't do – can help ensure that your backups are truly recoverable and how quickly they can be restored.
Adopt layered security architectures
Talk to your CISO about the value of layered security architectures and “data bunkers”, which can help retain large amounts of data and make it immediately available. Tiered backup architectures use different logical and geographic locations to meet a wide variety of backup and recovery needs, thereby improving accessibility and speed of data recovery.
Create immutable data snapshots
Ransomware attackers often go after your backups to put you in a tight spot. Pure's immutable, multi-factor authenticated SafeMode™ snapshots cannot be edited or deleted, even if administrator credentials are compromised, effectively giving ransomware attackers no backup to the rescue.
Confirm what your cyber insurance covers
Make sure you know and understand the limitations and coverage provided by your policy, what you need to do to use your coverage, and how long it will take your insurer to get involved.
Bend compliance and data retention and deletion policies
Regulatory and compliance fines can be costly when the data you are holding is compromised during an attack. Data retention and deletion policies can help you plan what data is worth retaining, what should be deleted or anonymized, and how you can minimize what you have available. Improve data retention and deletion policies.