Share this
World Backup Day 2022 - Data Breach Trends
by Sean Curiel on Mar 10, 2022 5:07:19 AM
World Backup Day 2022 is here, a reminder to take a critical look at our technology landscape and work hard to verify that our measures to protect data are rock solid.
In the last year, we've seen the format of business fundamentally change with remote work and education broadly accepted and implemented across many countries. This shift brought about security challenges for administrators and continues to be a vector for attack and potential data loss.
Other recent world events have gone further to create a sense of instability. Healthcare and financial sectors are rapidly preparing for an increase in cyberattacks as a response to moves taken by Western governments in Eastern Europe. Yes, this World Backup Day gives us plenty to think about when it comes to ensuring the integrity of our backups. Join us as we look at `some of the important trends and statistics that can help shape our security policies.
Last Year’s Momentum
We saw several high-profile ransomware attacks in the last year, but the real surprise was the extent to which small and medium-sized businesses felt the impact. Research carried out by Checkpoint showed us that there was a 50% increase in overall attacks per week on corporate networks in 2021 compared to 2020. The latter part of the year especially saw a jump with the Log4J vulnerability widely being exploited. This puts an increasing priority on backup for SMBs as they have tighter budgets and fewer resources to recover from a data loss scenario.
IBM’s 2021 Cost of a Data Breach report gave us the winner of the title of highest industry cost for a data breach. With a 29.5% increase, the Healthcare industry led the way for the 11th year in a row. More concerning is that research shows that these attacks have been responsible for more extended hospital stays, delays in medical procedures, testing delays, and other effects that create adverse outcomes for patients (per the Herjavec Group's Healthcare Cybersecurity Report).
In 2021 breach of healthcare IT systems was 60% higher than attacks in 2020.
– John Riggi, AHA National Advisor for Cybersecurity
Changes in work behavior caused by the pandemic have more people working from home than ever before. It was a sudden change that businesses had to adapt to, including having to rapidly adjust their security policies. NovaBACKUP recommends taking several measures to protect remote workers and secure critical business data. Businesses that did not adapt quickly enough may have found themselves at the end of a costly data breach. Remote work played a factor in 17.5% of the breaches in 2021. Furthermore, organizations with more than 50% of their team working remotely took far longer to identify and contain those breaches.
Remote work was a factor in 17.5% of breaches in 2021.
( Source: IBM Cost of a Data Breach report )
This Year's Direction
Western governments have sounded the alarms that the Russian-Ukraine conflict could trigger a major cyber conflict. Indeed, we have seen some recent attacks carried out by groups based in those regions. In fact, Ukraine was hit by DDoS and malware attacks by state-sponsored actors just prior to the invasion. But while an all-out cyber-war with the West has yet to materialize, we cannot take these warnings lightly. The world today is entirely too connected these days for us to remain unaffected when one of the world’s biggest energy exporters goes to war. Markets and supply chains are already feeling the stress of the pandemic with inflation in the U.S. growing at its fastest pace in 40 years. Add to that the weakness of recovering pandemic supply chains, and we find ourselves in an environment that is ripe to be exploited by cyber-criminals. As expected, the healthcare industry is paying close attention, most recently with the American Hospital Association recently acknowledging that hospitals and health systems may be targeted or incidental victims of Russian-sponsored cyber threats.
What The Criminals Are Saying
Announcements are coming out from various criminal groups based in Eastern Europe declaring their independence from any governmental ideology. The reason? It could simply be trying to keep their nefarious activities profitable. Top cybercrime groups focus on clients who are likely to have insurance as they believe that receiving payment might be easier. To counter, cyber insurance companies often build in exclusions for wartime sponsors of a government, described as a “force majeure” event. This could give insurance companies a loophole to avoid paying out on policies, putting criminal groups in an awkward situation. Appearing unaffiliated with any national conflict may be in their best interest, but that doesn’t mean they are any less destructive.
World Backup Day Reminders
There is no better time than now for readying your network against potential data security threats. Start with the basics and use today to verify that you've covered the fundamentals.
- Update and Patch
All software, operating systems, and business applications should be updated with the latest security patches. This extends to collaborative tools, network hardware like switches and routers, firewalls - everything. Are you tracking which devices have been updated? There are excellent patch-management platform options available to you. - Require Multi-Factor Authentication
With so many employees working remotely, MFA must be enforced with strong passwords. Require multiple pieces of information to prove employee identity. This improves your level of security drastically. - Define User Access and Permissions
Limit user rights to that which is necessary to perform their duties. This helps prevent infection and/or slow the spread, should a ransomware event occur. Start new employees with limited rights from the beginning and increase the level later as needed. - Educate About Cyber Threats
It's no time to be complacent. Let's raise the level of awareness as to how employee behavior affects business data security. Offer real-world education on the vectors for attack, including social engineering and phishing. - Test Your Security Response
The data breach response plan you crafted a year ago may no longer be applicable today with ever-changing IT support teams and environments. Establish a clear emergency data recovery plan that every employee will expect during such a scenario. Your action plan must quickly stop damage and also restore data access and functionality. - Fast, Reliable Backup
Managed Service Providers rely on solutions like NovaBACKUP Cloud, to provide managed backup services that diligently protect client data. Their reputation is built on their ability to quickly access secure backups to get businesses back online when every second counts.
A backup is only valuable if it's restorable. Whether a small or medium-sized business or a managed service provider, consider this World Backup Day as a great chance to test the viability and restorability of your backups. NovaBACKUP offers free backup consultation to help organizations meet all of their data protection requirements.
Warnings from Western governments have raised the alert that malware may be coming as incidental spillover, or possibly even targeted attacks. Watch our recent webinar, entitled Increased Cyber Security Risk for a look at how to protect your data. |
Share this
- Pre-Sales Questions (111)
- Tips and Tricks (95)
- Industry News (59)
- Reseller / MSP (37)
- Best Practices (30)
- Security Threats / Ransomware (30)
- Applications (26)
- Disaster Recovery (26)
- Cloud Backup (25)
- Compliance / HIPAA (24)
- Backup Videos (23)
- Storage Technology (23)
- Virtual Environments (17)
- Technology Updates / Releases (9)
- Infographics (8)
- Backup preparation (5)
- Products (US) (2)
- Company (US) (1)
- Events (1)
- Events (US) (1)
- November 2024 (1)
- October 2024 (1)
- September 2024 (2)
- August 2024 (1)
- July 2024 (2)
- June 2024 (2)
- May 2024 (1)
- April 2024 (1)
- March 2024 (2)
- February 2024 (2)
- January 2024 (1)
- December 2023 (1)
- November 2023 (1)
- October 2023 (1)
- September 2023 (1)
- August 2023 (1)
- July 2023 (1)
- May 2023 (1)
- March 2023 (3)
- February 2023 (2)
- January 2023 (3)
- December 2022 (1)
- November 2022 (2)
- October 2022 (2)
- September 2022 (2)
- August 2022 (2)
- July 2022 (1)
- June 2022 (1)
- April 2022 (1)
- March 2022 (2)
- February 2022 (1)
- January 2022 (1)
- December 2021 (1)
- November 2021 (1)
- September 2021 (1)
- August 2021 (1)
- July 2021 (1)
- June 2021 (1)
- May 2021 (2)
- April 2021 (1)
- March 2021 (2)
- February 2021 (1)
- January 2021 (1)
- December 2020 (1)
- November 2020 (1)
- October 2020 (2)
- September 2020 (4)
- August 2020 (2)
- July 2020 (1)
- June 2020 (1)
- May 2020 (1)
- April 2020 (1)
- March 2020 (3)
- February 2020 (2)
- January 2020 (2)
- December 2019 (1)
- November 2019 (1)
- October 2019 (1)
- August 2019 (1)
- July 2019 (1)
- June 2019 (1)
- April 2019 (1)
- February 2019 (1)
- January 2019 (1)
- December 2018 (1)
- November 2018 (2)
- August 2018 (3)
- July 2018 (4)
- June 2018 (2)
- April 2018 (2)
- March 2018 (2)
- February 2018 (2)
- January 2018 (3)
- December 2017 (1)
- September 2017 (1)
- May 2017 (2)
- April 2017 (5)
- March 2017 (4)
- February 2017 (1)
- January 2017 (1)
- December 2016 (1)
- November 2016 (1)
- October 2016 (2)
- September 2016 (1)
- August 2016 (3)
- July 2016 (2)
- June 2016 (3)
- May 2016 (7)
- April 2016 (8)
- March 2016 (1)
- February 2016 (3)
- January 2016 (12)
- December 2015 (7)
- November 2015 (5)
- October 2015 (6)
- September 2015 (2)
- August 2015 (3)
- July 2015 (2)
- June 2015 (2)
- May 2015 (1)
- April 2015 (5)
- March 2015 (3)
- February 2015 (4)
- January 2015 (2)
- October 2014 (5)
- September 2014 (8)
- August 2014 (5)
- July 2014 (7)
- June 2014 (4)
- May 2014 (3)
- April 2014 (9)
- March 2014 (7)
- February 2014 (7)
- January 2014 (5)
- December 2013 (4)
- October 2013 (7)
- September 2013 (2)