Intelligent CIO North America Issue 24 | Page 34

EDITOR ’ S QUESTION
BRIAN DUNAGAN , VICE PRESIDENT OF ENGINEERING , RETROSPECT , A
STORCENTRIC COMPANY
Organizations need tools to defend themselves , both to protect their data and to detect early signs of intrusion .

Ransomware continues to hamper businesses around the world , locking them out of their business workflows and demanding exorbitant payments . With the availability of Ransomware-as-a-Service ( RaaS ), those attacks have become even more frequent , targeting everwider segments of businesses .

ThoughtLab recently announced the findings of its 2022 Cybersecurity Benchmarking Study , which revealed : “ The number of material breaches respondents suffered rose 20.5 % from 2020 to 2021 , and cybersecurity budgets as a percentage of firms ’ total revenue jumped 51 %, from 0.53 % to 0.80 %.”
Yet : “ 29 % of CEOs and CISOs and 40 % of chief security officers admit their organizations are unprepared for a rapidly changing threat landscape .”
Organizations can best improve their cloud security with a backup solution that offers anomaly detection and backup comparison . Businesses need to understand not only what is in a backup but what changed between backups .
Organizations need tools to defend themselves , both to protect their data and to detect early signs of intrusion . And , they need to be able to recover quickly and affordably , should they experience a successful attack . And the truth is that today , it is not really a question of if an organization will be successfully breached , but more realistically simply a question of when .
Using anomaly detection and backup comparison , administrators can identify exactly which files changed to signal an anomaly and evaluate their contents to isolate valid ransomware infections .
Next , organizations need to be able to do OS compliance checks . Many ransomware variants depend on unpatched systems for infiltration . Retrospect Backup now utilizes its extensive footprint to aggregate system information and identify systems that are out of compliance with the latest version of each operating system .
The ideal backup solution should also support configuration encryption and multi-factor authentication combined with a password prompt . That way , even if an attacker gains administrative access to the computer where the backup runs , they will not be able to access the program or the configuration files .
Last but certainly not least , the backup should enable flexible immutable retention periods , alerting the organization when a file is leaving its retention period , and enabling the organization to choose if that is satisfactory or if the retention period must be extended .
34 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com