4 URGENT REASONS WHY YOU NEED TO HARDEN YOUR STORAGE & BACKUPS TODAY
LATEST INTELLIGENCE
4 URGENT REASONS WHY YOU NEED TO HARDEN YOUR STORAGE & BACKUPS TODAY
i1 . The Effects Of A Successful Ransomware Attack On A Storage Or Backup System Would Be Devastating
The impact of a compromised storage or backup system is significantly greater than any other IT system . This is because a compromise of a single storage array can bring down thousands of servers .
Furthermore , while recovery of an individual server is relatively straightforward , recovery of a storage array is a complete unknown to many CISOs .
2 . Storage & Backup Systems Are Vulnerable
An enterprise storage & backup device has on average 14 security risks , of which 3 are critical risk .
BREAKING NEWS
“ The Conti ransomware gang has developed novel tactics to demolish backups . . . According to Palo Alto Networks ; “ it ’ s one of the most ruthless of the dozens of ransomware gangs that we follow .”
“ The ransomware was targeting poorly protected Network-Attached Storage ( NAS ) devices . The threat actors exploited known vulnerabilities .”
The most common type of risks include : insecure network settings , unaddressed CVEs , access rights issues ( over exposure ), insecure user management & authentication , and insufficient logging & auditing .
3 . Ransomware Is Now Targeting Storage & Backup Systems
“ This new ransomware gang is known to seek out and delete any backups to prevent them from being used by the victim to recover their data .”
93 % of cyberattacks target backup and storage systems to force ransom payment , and are successful in debilitating their victims ’ ability to recover in 75 % of those events .
4 . Auditors , Regulatory Bodies & Industry Standards Are Now Taking A Much Closer Look At The Security Of Storage & Backup Systems
PRESENTED BY
“ Periodically and proactively assess configuration compliance to storage security policy .” [ NIST Special Publication 800 – 209 ; Security Guidelines for Storage Infrastructure ]
Download whitepaper here
8.13 – Information backup : “ Control Backup copies of information , software and systems shall be maintained and regularly tested in accordance with the agreed topic-specific policy on backup .” [ NIST
20 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com