DEVOPSdigest

Data breaches cost US companies an average of $9.4 million(link is external) — and by 2031, ransomware attacks will happen every two seconds(link is external). To address the scourge of cybercrime, we must all become data protectionists.

It's no longer strictly an enforcement issue, governmental concern or business data issue. Cybercriminals target vital organizations like healthcare, education and infrastructure, threatening our safety, and our lives. With each successful breach and ransom payment, hackers grow more emboldened and continue to wreak havoc. The honest effort to fight these global attacks needs to begin at the local level. With data as our most valuable and exploitable asset, all organizations must invest in protection, period. It's the foundation for backup and, ultimately, for recovery in the inevitable event of an attack where hackers hold data hostage.

To prepare effectively with today's IT solutions is challenging. Nearly two-thirds of business leaders(link is external) lack full confidence in their legacy backup solutions — a sobering statistic. New companies, especially, face challenges instituting backup procedures. Established organizations typically have IT departments to manage cybersecurity, but many start-ups are cloud-native and lack the resources to hire dedicated IT staff. Contrary to popular belief, cloud services don't secure your data. Under the practiced cloud-sharing model, cloud services merely hold the data — it's up to you to protect it.

These three steps can protect your data regardless of your organization's size or age.

1. Be prepared to recover from breaches

Hackers are tenacious, making it crucial to create data protection processes. But you can't stop there. You must assess your preparedness by evaluating your data storage practices and recovery capabilities. In addition to a secure backup process, you must create and practice a step-by-step restoration strategy.

With that in mind — do everything you can to prevent a breach. Start with consistently updating software and hardware to patch known vulnerabilities. Maintain an inventory of devices connected to the network. Consider hiring a managed service provider to oversee data protection. Smaller or newer companies lacking the resources to do it themselves benefit especially from this service.

The other factor you can't neglect? People. More than 80% of data breaches(link is external) involve a human element. To protect against these attacks, require multi-factor authentication for your data, limit access and password-sharing and train your employees to recognize common phishing, social engineering and other hacks and their associated risks.

We can't bury our heads in the sand. With ransomware as a service (RaaS) making hacking more accessible and the growing sophistication of attacks, no prevention strategy is fool-proof. That's where these next steps come in.

2. Back up data with the 3-2-1-1-0 rule

Backing up your data is a requirement. So what's the best way to do it? Observe the 3-2-1-1-0 rule. Back it up three times with two copies stored via different media or locations. Store at least one backup copy offsite or in the cloud and one totally offline. And you must ensure there are zero errors in your data by checking the backups daily to confirm they are storing the crucial data and immediately correcting any issues.

Just because you possess data copies doesn't guarantee you can restore damaged files. Backups are only as good as their recovery plans.

3. Prepare a ransomware recovery plan

When hackers demand — and companies pay — a ransom, there's no guarantee the hackers will release the data. Only 4% of companies(link is external) that pay a ransom have all their information returned. Even if you do receive your data, the restoration process is tricky. It requires identifying and removing any compromised data and a thorough database inspection before using backups to restore and reset. Whether you pay a ransom or not, the recovery process is still complex and could cause excessive downtime and lost revenue. So how do you circumvent these challenges? Plan ahead.

It is important to note — a ransomware recovery plan is not the same as a disaster recovery plan. Unlike recovery from a natural disaster or human error, ransomware recovery is necessitated by a threat or criminal activity. The primary goal of a successful plan should focus on business restitution without the loss of business continuity and the ability to recover all of your data without paying a ransom. A proper strategy can enable recovery in minutes — not days or weeks. Most processes involve backup software, hardware, Backup as a Service (BaaS) or some combination of these elements. The ransomware recovery plan should balance a company's internal capabilities and risk tolerance.

Equally critical — everyone involved in the procedure must maintain and practice the plan. Write down each step and regularly review the process. Run a simulated hack to verify the strategy's effectiveness, and set a schedule to review and update it as circumstances and business needs evolve. Organizations that tested their plan saved $2.6 million(link is external) compared to those that didn't.

Ending cybercrime requires a group effort. Each organization must assume responsibility for its own data protection. The more difficult it becomes to hack into an organization, the more cyberattacks fail — and the less incentive cybercriminals have to continue their assault. Prevention through proactive strategies across all industries offers the best defense to protect individual and company data. We all bear responsibility in this fight — we must answer the call to become data protectionists!