By Kate Mollett, Regional Director at Commvault Africa

Ransomware is one of the biggest threats and challenges facing organisations today. A simple online search will reveal hundreds of high-profile attacks and scary statistics around the acceleration of ransomware incidents and the costs involved. Mitigating this threat has become essential to survival in a digital world, but this is about more than just security. Data management plays a core role in minimising the risk of ransomware, protecting data, detecting threats, and recovering fast, as well as in delivering critical insight into data and tools to enable you to respond to threats and continuously improve security stature.  

The state of ransomware 

Ransomware is accelerating and showing no signs of slowing down. Every time new statistics are released, they show record highs in the number of attacks and the financial implications and collateral damage, including ransomware pay-outs, critical downtime, and costly reputational damage. Many businesses are simply not adequately prepared to handle a ransomware event because the attack types have become increasingly sophisticated, with purpose-built ransomware tools that are being leveraged at scale by organised groups. 

Added to this is the recent migration to a remote workforce which has driven more data to the edge, and growing cloud transformation and Software as a Service (SaaS) adoption, which has vastly increased the attack surface. It has never been more critical to shift mindsets and adopt a strategy that incorporates measures to not only prevent attacks but also give business the tools to properly recover when an attack does hit. 

Proactive data recovery strategy

One thing that all organisations need to do is adopt global best practice standards around cybersecurity, such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework. This framework offers guidelines to help today’s organisations become ransomware ready and deliver a repeatable structure to enable the effective response to a breach. This in turn helps businesses to better understand, manage and reduce cybersecurity risk. 

It is a broad guide that covers multiple aspects of cybersecurity. However, data protection and data management play a critical role in establishing this framework. Effectively, data protection forms an organisation’s last line of defence against a ransomware attack, enabling you to reduce downtime, fully recover and effectively minimise the impact of a data breach. 

A multi-layered approach to data protection

There are three key elements to address to ensure comprehensive ransomware protection: protect, detect and recover. The protect element involves insulating data from successful breaches, detection is the ability to spot and identify attacks before they can cause damage, and recover is the ability to perform fast and reliable data restoration. 

These three key pillars are supported by a number of different elements. These include data encryption both at rest and in flight, isolated data air gaps, early threat detection including anomaly detection, trend analysis and honeypots, multi-factor authentication, zero-trust access controls and immutable data backups. On top of this, organisations can benefit from advanced tools and insights to help them continuously evaluate and improve on their backup security stature, gain real-time visibility into critical events, anomalous activities and vulnerabilities, and make informed recovery decisions. 

Ultimately, the goal is to drive better security outcomes and minimise the growing threat of ransomware. This is achieved through effective tools and strategies that help keep data secure and compliant, allow it to be recoverable, protect it and isolate it from attack and ensure business can rapidly get back online.