SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cloud Services
#
Cybersecurity
#
Data Protection
World Backup Day highlights need for robust data protection
Fri, 29th Mar 2024
Author image
By Kaleah Salmon, Journalist
Follow us

In today's age of digital dominance, data security and safety have become more crucial than ever. To highlight this, World Backup Day, scheduled for 31 March, encourages a focus on protecting vital data and implementing effective backup strategies. Given the current threat landscape dominated by cyber-attacks, data backup offers a lifeline that can keep businesses afloat.

Anthony Spiteri, Regional CTO for APJ at Veeam, has chosen the occasion to share five best practices for enhancing cybersecurity resilience through secure backup strategies. Commenting on the need for stronger security approaches, Spiteri pointed out that World Backup Day serves as a 'timely reminder for organisations to up their data protection game by having the right recovery and ransomware protection capabilities.'

The primary concern is cyber attacks, which, according to Veeam's Data Protection Trends Report 2024, have been listed as the leading cause of business outages for four consecutive years. This serious threat from ransomware is now more of an ongoing issue rather than an isolated problem. Spiteri revealed, 'Eight in ten 10 APJ organisations suffered at least one ransomware attack last year.' The consequence of these attacks goes far beyond affecting business continuity; they hurt brand reputation and result in revenue loss.

This threat landscape emphasises the need for effective backup strategies, and accordingly, Veeam has proposed five advisable ways to ensure secure backups and reinforce cybersecurity resilience:

The first approach is to strive towards achieving a Zero-Trust environment to keep attackers out. Zero-trust is a proactive security model that assumes potential threats exist both inside and beyond network perimeters. It secures all endpoints by default and continually refining security practices to outpace evolving threats.

The second practice centres on data immutability to maintain business continuity in the face of ransomware. Immutable backups, which cannot be altered or deleted, provide protection against threat actors aiming to compromise backups and thus guarantee data recoverability.

The third strategy involves using encryption throughout data's lifecycle, from creation to backup storage. This strategy depends on strong collaboration between the security and backup teams, aiming to enhance data protection measures and minimise the risk of unauthorised data access.

The fourth practice revolves around careful planning and testing for worst-case scenarios. This means maintaining updated documentation, frequently testing backup plans, and verifying Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO).

Finally, it is crucial not to reintroduce the threat during recovery. Having a plan in place to handle infections and prevent reinfections from backup data that might contain latent, unactivated malware is vital.

These practices, as recommended by Veeam, emphasise that data protection is not just about prevention but also about how businesses can survive and recover when cyber-attacks are sadly almost inevitable.

Related stories
Smarttech247 & SentinelOne launch AI-powered cybersecurity for SMEs
GitHub's 2FA initiative helps secure software supply chain
ExtraHop report shows Singapore firms vulnerable to ransomware attacks
Jason Haddix joins Flare as Field Chief Information Security Officer
Ransomware threats escalating in Southeast Asia – report
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Record ransomware attacks in March 2024, report finds