By Dave Russell, Vice President of Enterprise Strategy, Veeam, and Sandeep Bhambure, Vice President, Veeam India, and SAARC
As the global pandemic accelerated a rise in the proportion of people around the world shifting to remote work, cybersecurity took the centre stage. According to Veeam’s Data Protection Trends Report 2022, 84% of Indian organizations suffered ransomware attacks last year, making cyber-attacks one of the single biggest causes of downtime for the second consecutive year. Those successfully attacked lost 36% of their data on average per attack. It is evident that ransomware is not slowing down as we approach 2023.
However, there has been a significant shift in ploys: targets have transitioned to larger organisations, and the business model that governs how ransomware attacks occur has progressed. A recent study found that recently, large organizations such as Spice Jet, Oil India, BSNL, Telangana Power Utilities, and others have fallen prey to data breaches and cybersecurity attacks. While ransomware attacks have seen an alarming rise globally, India specifically witnessed a 13% rise last year, representing a jump greater than the past 5 years combined, as per a recent report by Verizon. The increase in ransomware attacks on businesses has led to organisations opting for various safety measures; however, the delay in the implementation of technical and infrastructure changes has made them more vulnerable to cyber-attacks.
A ransomware attack can cost nearly $2 million per incident and have a global economic impact of more than $20 billion. As citizens become increasingly acquainted with the value of their data, any negligence, misuse or lack of adequate protection has moved into the spotlight of possible issues for company boards across APJ. With class action and consumer group-led lawsuits on the rise, the responsibility to protect against ransomware and other cyberattacks that threaten user data and privacy has become more critical than ever for businesses.
The other reason that data and privacy have arisen as such crucial topics is timing. A recent Trend micro survey found the Asia Pacific to be the second-most vulnerable region in the world to cyberattacks, after North America. Ransomware attacks ranked in the top five cyber threats in the region, while confidence in company preparedness lagged: a staggering 86% of survey respondents believed they would be breached in the next 12 months.
In the wake of this information, business leaders should sit up and take notice: data breaches are no longer an issue that exists within a company itself – they sit at the board level as well. Moving forward, business leaders should expect increasing momentum toward ensuring the right cybersecurity measures are in place.
Here are three things to keep in focus when implementing security measures.
1. Emphasize the importance of cybersecurity training for all Ransomware has the ability to spread through a system like a wildfire, but it needs an entry point, such as an infected email, email attachment, or application. No matter their role, any member of an organization has the ability to lead the ransomware into the system. Thorough, regular, up-to-date training on best cybersecurity practices is the best preventative measure to keeping systems and profits safe, so make sure the company’s cybersecurity plan affords it the resources it needs.
2. Keep anti-virus and malware software updated Up-to-date anti-virus and malware software can help catch and eliminate the most common ransomware payloads. Like any software, it needs frequent updates, but if used correctly, it can keep your business systems clean with minimal downtime and interruptions.
3. Have a secure backup ready If protections happen to fail and a business finds itself dealing with a ransomware attack, one can gain access to a system again by restoring it from a secure and reliable backup, saving the business from downtime, and data loss, and an often-expensive ransom. Veeam’s ransomware protection, for example, can restore a business’ data and system while adhering to compliance standards, with real-time updates and alerts. Before restoring the system, the backup scans files for malware and provides flexible storage options for a range of files.
Today, ransomware attacks are a lot more common than they used to be. These attacks might not result in organizations facing significant monetary losses, but they will most definitely lose the trust of their stakeholders and customers. With proper cybersecurity infrastructure and training in place, businesses can be one step ahead and secure themselves from any such attacks in the future.