New data puts the spotlight on how most organizations are unable to completely recover their data after a ransomware attack, making the case for better data protection for improved incident response.
It appears that organizations simply aren’t prepared in the face of a ransomware attack, according to backup vendor Veeam’s just-released 2022 Data Protection Trends Report. Most organizations have a less-than-perfect ability to recover from major business disruptions. According to the report, ransomware specifically is a huge problem for organizations today:
- 76% of organizations experienced a ransomware attack in the last 12 months
- 60% of orgs experienced two or more attacks in the same timeframe
- At best, only 80% of the data was recoverable – and only 19% of orgs were able to accomplish this
- The average organization is only able to recover about 64% of their data
This says a lot about how your organization should approach its response to ransomware – and even its preventative measures to stop attacks before they have an impact. With most organizations unable to fully recover, and a majority suffering an attack, there are a few things you need to get right, now:
Think disaster recovery, not backups – Have the ability to fully recover some or all of your environment in the wake of a ransomware attack. That means you’ve got a full disaster recovery plan in place, complete with a recovery team, simulation testing, a communication plan, etc.
Improve security at your weakest point – Veeam’s report also notes that, of those organizations that experienced a ransomware attack, 42% of the attacks started with a user who clicked on a malicious link. That means, despite all the security solutions you have in place, malicious emails are still getting through. So, it’s up to the user receiving the email to stop the attack by recognizing the phishing email for what it is and choosing not to engage with it. This is what security awareness training teaches users: to stay vigilant, to play a role in organizational cybersecurity, and to stay clear of suspicious or malicious content in emails or on the web.