Data Security Imperative Sparks Focus on Disaster Recovery Strategies, According to Mark Govender
In the ever-evolving landscape of cyber threats, cybercrime has emerged as the most significant danger to business continuity, surpassing physical and natural disasters, according to Mark Govender, a Senior Systems Engineer at Veeam, specializing in data recovery, disaster recovery planning, and systems management.
Govender's recent insights, presented in the 2024 Ransomware Trends Report, highlight the urgent need for small and medium-sized businesses (SMBs) to strengthen their backup security and recovery strategies, particularly in the face of rising ransomware threats.
One of the key recommendations is to prioritize robust backup repository protection. The report reveals that backup repositories are targeted in 96% of ransomware attacks, with cybercriminals succeeding in 76% of these cases. This underscores the critical need for SMBs to secure backups against tampering or deletion.
To counter ransomware that encrypts or destroys data, Govender advises implementing offline (disconnected) and immutable (unchangeable) backups. This ensures that recovery points remain intact and accessible after an attack.
Another crucial point is the development of comprehensive and tested recovery plans. SMBs often neglect detailed data recovery planning, increasing their risk. Proper planning involves regularly testing restore processes to ensure rapid and reliable recovery when needed.
Govender also emphasizes the importance of adopting layered security controls and rapid response strategies. Combining multiple defenses such as network segmentation, multi-factor authentication, continuous employee phishing training, and 24/7 threat monitoring improves resilience and detection before encryption occurs.
Moreover, reducing detection and response times to minutes rather than days is vital given the rapid pace of modern ransomware attacks. Businesses must accelerate their incident response capabilities to quickly isolate and mitigate threats.
The disaster recovery team should include the IT infrastructure department and the data security department. Govender suggests automated testing of disaster recovery plans every two months to ensure their effectiveness. He also recommends that the data recovery document should be treated as a living document, updating it as the business evolves.
Large enterprises often have robust data recovery and disaster recovery plans, but may fall short in regularly testing and updating them. Direct costs associated with data recovery planning include backup infrastructure, storage, cloud storage, software licenses, and recovery service partners. Indirect costs to consider include loss of revenue and productivity during downtime, as well as the cost of non-compliance, such as fines.
With a proper data or disaster recovery plan in place, recovery times can be significantly reduced, from weeks to as little as four hours. Govender emphasizes the importance of regular testing of disaster recovery plans without impacting the production environment or business.
By implementing these recommendations, SMBs can lower their risk of catastrophic data loss and business disruption, integrating secure, tested, and layered recovery solutions as outlined by Mark Govender.
- Mark Govender, in the 2024 Ransomware Trends Report, advocates that small and medium-sized businesses (SMBs) should prioritize robust backup repository protection due to the high risk of targeted attacks and successful infiltration in 76% of cases.
- To combat ransomware that encrypts or destroys data, Govender suggests the implementation of offline and immutable backups, thus ensuring the recovery points remain secure and accessible after an attack.
- Proper planning, including regularly testing restore processes, is crucial for SMBs to ensure rapid and reliable data recovery when needed, as neglecting detailed data recovery planning increases the risk.
- Govender also emphasizes the need for layered security controls and rapid response strategies, combining defenses such as network segmentation, multi-factor authentication, continuous employee phishing training, and 24/7 threat monitoring.
- Reducing detection and response times to minutes rather than days is critical given the rapid pace of modern ransomware attacks, with businesses needing to accelerate their incident response capabilities to quickly isolate and mitigate threats.
- In addition to direct costs associated with backup infrastructure, storage, cloud storage, software licenses, and recovery service partners, indirect costs include loss of revenue and productivity during downtime, as well as the cost of non-compliance, such as fines. By following these recommendations, SMBs can lower their risk of catastrophic data loss and business disruption.
