Owner security

The Storage Manager’s Quick Guide to Ransomware Resilience

Part 1: Why storage managers need to prepare for the plague of ransomware

Some parts of the business are more concerned about ransomware than others. Security, networking, and support teams are fully aware of the threat ransomware poses on a daily basis.

Storage managers, however, don’t tend to pay as much attention because they think their systems sit in the background and don’t pose the same level of risk as other layers of IT. Continuity’s research, however, clearly shows that this is not the case. Any enterprise storage device has an average of 15 security vulnerabilities/misconfigurations. 3 can be considered high or critical risk. Therefore, it is extremely important that storage managers understand the magnitude of the ransomware threat and what they should do about it.

Let’s start with some facts about ransomware. A study by the Enterprise Strategy Group (ESG) found that cybersecurity has replaced the cloud and artificial intelligence (AI) as the top area of ​​IT spending. While nearly two-thirds of businesses plan to increase their IT spending this year, 69% said they are spending more on security this year compared to last year. Only 2% said they would pay less for cybersecurity in 2022 compared to 2021.

According to the study, 54% of respondents said the top driver of technology spending was achieving stronger cybersecurity and improved resilience against cyberattacks. Why?

ESG found that 48% had experienced at least one successful ransomware attack. Two-thirds of those attacked had paid a ransom to regain access to their data, applications and systems.

Despite all the attention given to digital transformation, the move to the cloud, and the need to deploy analytics and AI to extract real-time insights from organizational data, 22% of companies named protection against ransomware as their top business priority. Another 46% named it among their top five priorities.

These results are supported by another research study conducted by Arcserve and Dimension Research. It revealed that 50% of organizations worldwide have been targeted by ransomware. These attacks continue with high frequency, but most organizations are unprepared.

The financial returns can be staggering. 20% of organizations said they were asked to pay between $1 million and $10 million. Another 35% faced claims over $100,000. Naturally, they are responding by investing more in better security tools, managed security services, improved backup/DR, and staff training. 64% are spending more to upgrade existing security software and add new security applications.

False sense of security

These increases in cybersecurity investments are significant. However, these numbers could lure storage managers into a false sense of security.

Historically, storage has been considered a discrete unit within the IT infrastructure. The old silos between networking, security applications, development, compute, and storage may be shrinking, but storage remains largely a separate unit, especially in large organizations or those managing lots of data.

Added to this is the burden of responsibility placed on storage managers. He is heavier than ever. In modern IT, they have to manage mountains of data with far fewer staff than in the past. These two factors can sometimes differentiate between security and storage. This must change.

Consider the many vulnerability scanning, configuration management, and patch management tools that exist today. Yes, they are ideal for inventorying and analyzing networks, systems, operating systems (OS) and enterprise applications. But they don’t do a thorough job on storage. Surprisingly, they often miss security misconfigurations and Common Vulnerability and Exposures (CVEs) on storage systems.

Yet some storage managers continue to believe that they are safe from ransomware and that systems such as Dell EMC, NetApp, Pure Storage and HPE are beyond the reach of cybercriminals. Nothing could be further from the truth. Hackers are notorious for finding ways to gain administrative privileges. Once they own them, they can easily find their way into storage systems and wreak havoc.

The fact is that hundreds of active security misconfigurations and CVEs currently exist in various storage systems.

However, some storage managers do not know them. Our research shows that on average, approximately 20% of storage devices are currently exposed. This means that they can be successfully attacked by ransomware.

Continuity’s StorageGuard detects security risks that other tools miss. Developed specifically for storage and backup systems, its automated risk detection engines check for thousands of possible security misconfigurations and vulnerabilities in the storage and backup system that could pose a threat to the security of company data. It analyzes block, object and IP storage systems, SAN/NAS, storage management servers, storage appliances, virtual SANs, storage area network switches, data protection appliances, storage virtualization systems and backup devices.

Find out how many misconfigurations and security vulnerabilities exist in your storage environment.

In part 2 of this article (published at the end of September)I cover the key factors storage managers need to consider to achieve ransomware resilience.

The post Storage Manager’s Quick Guide to Ransomware Resilience appeared first on Continuity™.

*** This is a syndicated blog from the Continuity™ Security Bloggers Network written by Joel Reich. Read the original post at: https://www.continuitysoftware.com/blog/the-storage-managers-quick-guide-to-ransomware-resiliency/