Part I: It’s Time To Rethink Your Risk Mitigation Strategy

By Doug Chando

This is the first blog in a five-part series on risk mitigation and how Commvault can help.

It seems like these days you don’t have to look too hard to find yet another story in the news about some major company that has been impacted by a ransomware event. In fact, in the two weeks prior to Jan. 28, the following headlines were just a few that happened to catch my eye:

  • “Ransomware attack takes down city services in Sammamish, Wash.”
  • “Salisbury police hit by ransomware attack”
  • “New ransomware strain is locking up Bitcoin mining rigs in China”
  • “Ransomware cripples major newspapers, and other small business”

So prevalent are these attacks that it is becoming a near constant theme of the discussions I have with data management and security professionals who are genuinely concerned about the safety of their data. The conversations typically go something like, “We are confident in the practices we have implemented to safeguard our data and systems, but the threats are a constantly moving target. How do you prepare for that?

Their concern is completely legitimate, and in reality, you would be hard pressed to find anyone who hasn’t been affected, either directly or indirectly, by a malicious threat of some sort. Even considering the broad impact, it’s still surprising to see the staggering figures that some experts are claiming as the potential brunt these evolving threats will have over the course of 2019. To quote a few:

  • In 2019, there is projected to be a ransomware attack every 14 seconds1
  • Ransomware damage costs projection $11.5 billion in 20192
  • $2.4 million is the average cost of a malware attack on a company3

Despite the headlines and ominous warnings from experts, many organizations will, in fact, be affected by one or more of these attacks. Why is that? Well, for one, many organizations treat and prepare for these malicious threats almost identically to how they plan for a natural threat. The difference, though, is that these threats are evolving daily, and those developing them are constantly looking for new and overlooked vulnerabilities; essentially, they are always a step ahead. Whereas traditional DR plans are absolutely critical, and recommended, it’s important to come to the hard realization that despite your best efforts in prevention, you are more than likely going to be affected by some type of attack. Accepting that, you’ll also accept that preparing for how to respond to an attack is becoming every bit as important, and perhaps more so, as how you are preventing against one.

Based upon the many discussions I have had with security and data management professionals around the subject of risk mitigation, I thought it would be helpful to share the conversations, experiences and, perhaps most important, the practices we have established. In this series we are going to look at some key elements that should be considered as part of any risk mitigation strategy, as well as how Commvault has consistently been helping its customers complement and strengthen their plans – and significantly lessen the potential risks to their data. We’ll discuss how we have been able to do that with natively available prevention tools and tactics that are in the Commvault tool set today.  For example:

  • Hardening and fortifying your backup systems, as well as the various dimensions of hardening
  • Monitoring and alerting for threat detection/suspicion
  • Recovery readiness plans and reporting
  • Governance and compliance
  • How artificial intelligence (AI) and machine learning (ML) can help enable “smart” data management operations

As I mentioned earlier, prevention is typically where a good percentage of focus is usually spent, but we also need to consider the dreaded “what if” scenario. So we’ll also look at how “response and recovery” is a needed element to any risk mitigation strategy. And with that, we’ll look at key considerations for an effective recovery situation. Things like proper infrastructures for the recovery need, recovery concurrency, recovery techniques aligned to SLAs, etc. We’ll also look at some examples of Commvault customers who have experienced an attack, but due to proper prevention and a solid recovery plan powered by Commvault best practices, have come out of it with minimal impact.

The sobering truth is – as our reliance on data continues to increase, unfortunately so will the threats to it.  Because of that fact, it’s more important now than ever to have a solid risk mitigation strategy supported by a modern data management solution that will protect you when, not if, you need it. With that said, hopefully, you will check back in on this series as we continue to discuss this timely subject in greater depth.

1 – CyberSecurity Ventures, Global Ransomware Damage Costs Predicted To Hit $11.5 Billion By 2019, Nov. 2017

2, 3 – Varonis, 60 Must-Know Cybersecurity Statistics for 2018, May, 2018