With the ongoing threat of cyberattacks, cyber insurance has made it onto the agenda of many business leaders, as it promises to pay a monetary sum to cover the costs of being attacked.
However, it doesn’t materially contribute to recovering from an attack and may not even cover the full costs of remediation, depending on the policy. Self-insurance against ransomware attacks in the form of unimpeachable backups can be a stronger approach, according to Pure Storage.
Pure Storage vice president for Australia and New Zealand, Michael Alp, says that while there are cybersecurity tools available, ransomware is a particularly insidious threat that can be hard to defend against. “Even though organisations should deploy the strongest IT security tools they can afford, the fact remains that attacks will occur, and the odds of an attack succeeding are, unfortunately, high,” he said.
“This makes it essential for organisations to think about how to recover from a ransomware attack as well as how to defend against one. The downtime associated with waiting for recovery of data is disruptive, and the workflow requires significant time and resources, depending on how well-prepared the organisation was before the attack.”
Adding complexity to the recovery process is the fact that attackers are now targeting backups prior to attacking production data – a victim that cannot turn to their backups for recovery is far more likely to pay any ransom demanded to get production data back.
“While a cyber insurance policy may help offset or defray some of the financial costs associated with the downtime associated with a ransomware attack, it does nothing to help get the business back operational in a meaningful timeframe,” Alp said.
Therefore, cyber insurance should be considered a cost reduction strategy, which can be pursued after a business is back to normal operations. Infrastructure solutions that help ensure backups cannot be compromised, and more importantly, ensure data can be restored in a timely fashion, should be the primary investment and can be considered a form of self-insurance.
The right type of backups can significantly reduce the risk of major disruption and financial losses following a ransomware attack in the following three ways:
1. Protect backups from attack
Organisations should look for solutions that can augment existing backup platforms and add an immutable layer of protection around them, so that even if an attacker has compromised administrative credentials, they are unable to damage the backups. When an attack happens, the business can restore from the snapshot with minimal fuss.
2. Use a fast recovery system
A cyber breach is quite likely to be the only scenario that triggers a full restore of all data. Legacy backup (not recovery) solutions handle the backup well; however, they were never designed to restore the data quickly. Augmenting existing backup platforms to restore mission-critical systems in a timeframe that is acceptable for getting the business operating again is critical.
3. Choose an easy-to-use solution that you can build easy processes around
It’s important to choose a solution that restores data quickly and reliably with just a few clicks – using the existing data protection software stack.