By Matt Tyrer
“This isn’t the data you’re looking for…”
This slight twist of Obi-Wan Kenobi’s most famous line next to “Hello there” is certainly not the answer you want when trying to access or recover your data from a ransomware or cyber security incident. However, if you don’t have the intelligent data management tools available to help you better know, protect, and manage that data you might find yourself in a pile of Bantha fodder.
Now, Obi-Wan used the Force to help him succeed and sadly, as much as we wish we could use it as well we just aren’t Jedis (yet), but what we can use are data analytics and actionable insights to help us to see beyond the files and folders and truly understand the nature of the Force…I mean…your data.
To cross-memes a little, GI Joe always said that “knowing is half the battle”, and that is never truer than when it comes to defending your data from ransomware threats. You can’t protect what you don’t know about so when you’ve been hit by a cyber attack how do you know not just what data was impacted, but what sensitive information (PII) was potentially exploited.
“A Jedi uses the Force for knowledge and defense…”
In the beginning, the bad actors just deleted or encrypted your data demanding payment in order for you to retrieve access to it. Next, they stole the data outright and extorted you to keep that sensitive information from being released to the public. Now we’re seeing the combination of both in what is referred to as a “Double extortion” attack. In these increasingly common cyber-attacks, the criminals infiltrate your environment, extract, and steal corporate/personal data, and then finally encrypt your data sealing off your access to it. In this way the attackers hope to not only receive payment to unlock your data, but to get paid again to stop them from publishing your secrets to the world.
Recent years have seen threat actors move from just infesting systems with ransomware to double extortion where they also threaten to exfiltrate the data and release it to the public or sell it. Threats to leak the pilfered data have seen a sharp increase, going from 8.7% in 2020 to a whopping 81% in the second quarter of 2021
– ENISA Threat Landscape 2021
If you don’t know what the exfiltrated data contained, then you don’t know your exposure and can’t properly evaluate the risks of paying or not. It could all be a bluff, and the criminals have nothing of value to hold you for ransom, but because you don’t know what was in those files you’re stuck!
…But what if you DID know?
This is where data analytics and the knowledge they provide becomes an invaluable tool in defending your data, assessing your risks, and evaluating your incident response posture. By knowing more about the contents of your data you can be alerted to potential risks to files containing more sensitive information. Risks such as:
- Sensitive data residing in spaces without the appropriate security (wrong place!)
- Sensitive data lacking the proper data protection policies (wrong plans!)
Being able to proactively identify these types of risks (and more) to all the data in your environment can be a challenge, but having those insights enable you to drive action:
- Secure sensitive data files by moving them into the appropriate locations, putting the files in quarantine, or simply deleting them
- Categorize and classify data to assign them to the proper retention policies and adhere to applicable data governance/compliance or data sovereignty rules and regulations
Obviously, what one considers as “sensitive” data varies by organization and individual, but it could range from corporate intellectual property, financial details, personally identifiable information (PII) for individuals, employees, customers, etc. The short of the long here is you need a tool, a weapon if you will, to defend your data and help find and secure it against threats.
“This is the weapon of a Jedi Knight. Not as clumsy or random as a blaster; an elegant weapon for a more civilized age.”
Like the lightsaber, Commvault® Data Governance cuts through the dark data and illuminates for you the value contained therein. Commvault® Data Governance provides analytics across over data resident on-premises, in the cloud, and anywhere else your data happens to reside – giving you a complete picture of your data landscape. With the flexibility to define your own entity classifications or draw from over 160+ pre-defined entities for personally identifiable information (PII) and other sensitive data types, the Data Governance tool automates the data categorization process.
Once complete, the Commvault Command Center provides intuitive dashboards to clearly illustrate potential risks to your data. Navigate your data landscape, drill down to not only get a closer look at any problem areas, but to quickly remediate any issues.
By identifying the potential risks to your most critical data, you can then properly secure those assets, and in the event of an incident, you can evaluate the response efforts appropriately. This proactive and improved security posture will give you an advantage when faced with the threats to your data – the knowledge of what you have, where it is, and how important it is will let you better respond to these threats and truly become a Data Jedi Master.
To learn more about Commvault® Data Governance, visit https://www.commvault.com/data-governance or check out this webinar on How Data Governance can help reduce your risks of a ransomware data breach.