Good backups are critical to recovering from ransomware
Of more than 600 respondents to the survey, 79 percent have experienced a ransomware attack within the last year, with 17 percent experiencing attacks weekly and 13 percent daily.
More than three-quarters (79 percent) of the survey's respondents say that ransomware preparedness is in the top five on their list of overall business priorities.
"Organizations are building their own individual strategies and processes in response to a lack of industry reference architecture or a blueprint for ransomware protection," says Christophe Bertrand, practice director at ESG. "The results of this report serve as a critical step in understanding the most important components of data recovery after a ransomware attack, and it is our hope that organizations can use this as guidance as they work towards preparedness."
Among other findings, 39 percent of successful ransomware attacks impact cloud data and 40 percent impact storage systems. However, only one in seven organizations say they protect more than 90 percent of their mission-critical applications from cyberattacks.
Having an air-gapped backup and the ability to granularly restore data have emerged as best practices among industry leaders according to the report, with hybrid methodologies most favored. In the context of backing up cloud data, this means allowing the backup or recovery copies to be physically and logically separated from the rest of the network.
"Public cloud infrastructure has become a destination of choice for data backup, which means that cloud data is increasingly becoming a target for cyber criminals who really want to render businesses inoperable. Organizations are concerned that their backup copies could be corrupted by ransomware attacks and protecting backup copies is a key prevention tactic," says Jakob Østergaard, CTO at Keepit. "Our strategy is to build in security from the ground up with immutable, blockchain-verified technology, encryption, and air-gapping, and the ESG study clearly documents how."
The full report is available from the Keepit site.