Backup and recovery may not have always been the sexiest of IT topics, but thanks to the rise of ransomware it is now one of the hottest.
The single most effective defense against ransomware is an ability to recover an organization’s data from an unencrypted data source. Otherwise, most organizations wind up paying a fee to recover data that has been encrypted by cybercriminals who typically use social engineering techniques to trick an end user into downloading a file loaded with malware.
But a survey of over 400 IT security professionals conducted by Tripwire during the recent Infosecurity Europe 2016 conference in London finds that only 32 percent are “very confident” they could recover that data. The reason for this lack of confidence stems from all the usual sources, spanning everything from corrupted media to failure to actually back data up in a timely manner.
Just as bad, most internal IT organizations don’t implement best practices involving backup and recovery, which recommend having three copies of your organization's data on at least two types of media, with one of the copies residing off site.
A growing threat
The good news for managed service providers (MSPs) is that recognition of the threat ransomware represents is fairly high. A full 93 percent of the information security professionals surveyed said they believe ransomware attacks will continue to escalate in 2016. In addition, more than half (56 percent) identified ransomware as one of the top three security concerns at their organizations.
In fact, the survey cites a report from the FBI that finds that ransomware attacks have netted $200 million in the first three months of 2016, which would suggest ransomware is on track to generate costs of more than a billion dollars by the end of the year. Of course, that estimate only covers the ransomware attacks that are known. In the hope of protecting their reputations, many organizations simply prefer to deal quietly with the matter on their own.
The opportunity for MSPs
The primary reason most organizations are not particularly good at backup and recovery is that it’s often viewed as a tertiary task that gets delegated to the members of the IT staff with the least experience. In contrast, MSPs have a vested interest in regularly testing to make sure data can actually be recovered. After all, if the data can’t be recovered by that MSP at any given time, Murphy’s Law would suggest that it’s only a matter of time before a customer comes asking for the very data that the MSP can’t recover.
In the meantime, ransomware is a top-of-mind issue for business and IT leaders alike. Most of them are still likely to play risk management arbitrage games in their minds concerning the probability that their organizations might become a victim, but as the number of these attacks continues to multiply it’s only a matter of time before everybody knows of somebody who became a victim of ransomware.
Before too long the peace of mind provided by a managed service will seem like a small price to pay compared to not only the actual ransom itself, but more importantly the time lost dealing with the attack in the first place. After all, even in the digital business age, time is still money.