World Backup Day: an opportunity for proactive cyber hygiene

World Backup Day is a vital, annual reminder of the importance of not only ensuring resilient data backups, but also of taking a more proactive approach in re-evaluating data protection strategies. As part of this process, organisations and individuals should ensure they are informed and know what to look out for when it comes to the latest cyber attacks. With more people working remotely / on the go than ever before, hybrid-cloud strategies, and workloads at the edge are becoming the norm, resulting in data protection strategies becoming even more complex. With cyber threats constantly evolving, there has been an uptick in ransomware and AI-enabled attacks, as well as the use of deepfakes in social engineering attacks. In addition, stricter data protection regulations are impacting how organisations collect and handle customer data, so companies must also take this into consideration when planning.

Prioritising data security by closely following cyber hygiene practice can help businesses protect data, prevent unauthorised access and reduce the risk of financial, reputational or legal losses that can occur through ransomware attacks. Many enterprises make the mistake of underestimating the impact of a data breach or assuming their business won’t be targeted. Staying up-to-date on the latest ransomware trends, threats and evolving tactics will greatly help in ensuring the company can quickly pivot to ensure the right combination measures are taken to thwart attacks.

Trends impacting data protection approaches

AI will strengthen predictive data protection measures, identifying anomalies in real-time and automating responses to cyber threats. Conversely, cybercriminals will also leverage AI to develop more advanced attacks and phishing schemes and evade traditional security measures.

Data protection vendors will have to integrate AI into their security solutions to automatically learn from each attempted breach and continuously enhance their defense algorithms. They will also focus on developing AI-powered tools that provide real-time insights and predictive analytics to help proactively address potential vulnerabilities.

Organisations must carefully consider the potential security issues associated with AI and implement appropriate safeguards to protect against them.

Businesses are becoming increasingly more responsible in protecting cloud data. This shift is largely influenced by the growing enforcement of strict compliance requirements and the penalties for failing to meet these standards.

More businesses are using strong cloud security measures to protect against ransomware attacks, including encryption, access controls, and immutable storage to combat cloud-specific cyber threats. Moreover, there’s a growing understanding of the shared responsibility model between organisations and cloud service providers (CSPs), though some companies are still catching up.

Ransomware protection and cyber resilience planning are now higher up the agenda than ever. To aid in ensuring data remains undamaged, organisations are deploying approaches such as immutable / air-gapped storage, and zero-trust security. The utilisation of advanced encryption and anonymisation techniques can protect sensitive information from unauthorised access and cyber threats in accordance with regulations, laws, policies, etc.

A vital step in effective cyber hygiene includes educating staff about the risks of cyber attack and how to prevent infection. It is vital not to overlook employee training and awareness programmes. Regular employee training on cybersecurity hygiene, including utilising strong passwords, recognising suspicious emails and reporting potential security incidents are all tried and tested tactics. Data protection measures can be further strengthened by restricting employee access to systems and applications on a need-only basis. Limiting employee access levels to the bare minimum necessary to perform their job functions reduces the attack surface and helps contain the impact of successful attacks. While implementing multi-factor authentication (MFA) will add an additional layer of security beyond passwords and prevent unauthorised access.

It is also advisable that IT administrators secure web browsers with appropriate security settings and trusted extensions. A system to filter spam and executable files, which often carry malware, is another effective preventative measure. However, relying solely on security and anti-malware software as preventative measures for cyber attack would be woefully inadequate.

Taking the added step of incident response planning ensures all parties (including staff, IT administrators, the leadership and legal departments) involved across the organisation know exactly what to do – and can act quickly, should a breach occur.

The IT infrastructure should also be regularly tested for vulnerabilities, in case there are any gaps in the recovery process, and to ensure recovery time objectives (RTOs) are met. Another useful measure to improve data resiliency is to segment networks in order to contain potential infections. It is important to note that outdated software can leave systems exposed to attack, so enabling regular updates of software components within an organisation’s infrastructure by installing updates and patches will mitigate known vulnerabilities that ransomware groups often exploit.  In addition, the deployment of monitoring tools is a vital step in creating alerts as to any failures or issues, as well as to help resolve any potential setbacks. Automation will be increasingly integrated into data protection workflows to enhance efficiency and reduce human error. It can also help in facilitating regular testing of backup and recovery systems.

Finally, and most importantly, backing up critical data regularly and securely will enable safe and swift recovery and ensure business continuity. It goes without saying that only reliable backup software should be utilised, and to be truly effective, this should include support for immutable backups, flexible storage options, strong security controls and instant full / granular recovery.

In addition to ensuring data backup plans are resilient and that they are adequately keeping pace with the threat environment, businesses can ascertain the best protection approach, identify critical data (as well as any potential bottlenecks), by conducting risk assessments.

Enhanced protection of backups, including the prevention of any unauthorised alterations to its data, can be achieved with encryption and the enforcement of stringent access controls, by utilising multi-factor authentication (MFA), two-factor authentication (2FA), and role-based access control (RBAC) – all of which need to be updated on a regular basis. Backup practices must also be continually updated to align with the latest technological, regulatory, and security challenges.

In terms of priorities, anti-ransomware measures such as immutability, air-gapping, anomaly detection, and malware scanning tools, as well as a zero-trust approach (a strategy which assumes no user or device can be trusted by default) across endpoints are essential defenses.

By keeping informed about potential threats, taking the initiative with a ‘no stone unturned’ approach when it comes to the data protection strategy, and by comprehensively protecting backups with the latest technology advancements, organisations can significantly enhance their data resilience. No organisation is immune to ransomware attacks, but with proactive measures in place, businesses can strengthen their defenses against ransomware attacks and reduce the potential impact.