VeeamON 2023: When Your Nightmare Comes True
Conferences can run the gamut from being poorly organized with a product focus on one end of the spectrum to offering both deep-device and accessible talks chock full of information to solve real-world problems. Veeam’s annual user’s conference VeeamON 2023 squarely falls under the latter category.
The key takeaway: By becoming more digitized, the amount of data organizations must manage and the number of security holes and attacks continues to explode. So, when, and not if, a ransomware or another attack shuts down your organization’s operations, you had better have a working disaster recovery system in place.
“The explosion of devices and sensors connected to IoT has increased massively the endpoints that must be managed, protected and made secure,” Anand Eswaran, CEO of Veeam, said during his keynote.
All told, the massive amount of new connections means the sheer volume of data being generated will skyrocket worldwide from 79 zettabytes today to 175 zettabytes by 2025, according to IDC numbers Eswaran discussed. “Digital transformation is happening in every single business and data is the key to covering digital transformation,” Eswaran said. “So, protecting data becomes life itself. It’s not a surprise then that cybercrime and ransomware targeting the data is exponentially on the rise.”
Much appreciated is how data and security trends were broken down into key data points and analyzed in function of how organizations are struggling and overcoming security threats, especially ransomware attacks. To wit, VeeamON marked the release of its annual Ransomware Trends Report which covered around 1,200 organizations that were victims of ransomware attacks. The insights Eswaran shared included how:
The majority of organizations seek “higher reliability and improved recoverability. The data says that four out of five companies felt that there was a gap between how quickly you need to recover versus how quickly you can have a big gap in reliability,” Eswaran said. With concerns about reliability, four out of five companies in the survey faced widening gaps between the amount of data businesses can afford to lose and how frequently data is protected.
Ransomware remains the top threat. In the survey, a staggering 85% of the respondents reported an attack during the past 12 months. The 17 of you who reported four or more attacks in the last couple of months. And 60% of you believe that significant improvement was needed between how the cyber and backup teams come together, accounting for how 93% of the time almost backups are the first target of the attack.
Cyber insurance remains necessary, but finding viable plans for coverage is becoming more challenging — and expenses. Premiums and deductibles are increasing, while coverage benefits become skimpier.
You don’t necessarily get your money back when you pay ransomware. “Paying ransomware does not ensure recoverability,” Eswaran said. According to the study, 21% of the respondents said their organization could not recover the data while only 16% of the respondents reported that they were able to recover their data without paying ransomware (compared to 19% in the previous-year survey).
To recover without paying your backups must survive. As Eswaran noted, 75% of organizations lost some of their backup repositories during a data attack in the study and when that happened 39% of backup repositories were lost. “Imagine two out of five files gone. Two out of five hard drives — gone. Two out of five of your family pictures — gone,” Eswaran said. “That’s a huge impact.”
The secret to survivable backups is immutability. “Most of you use immutable repositories in some way, but you are actually still unable to recover your backups without paying the ransom. And why is that?” Eswaran said. “It actually means that you need to pay a little more attention to the architecture of the platform… There is clearly [often] a gap between the promise and execution of when companies say they offer immutable storage.”
The secret to recoverability is portability. “While many large organizations have multiple data centers, which helps them do this better, many do not,” Eswaran said. “A hybrid approach and data portability are supercritical. It allows you to backup to and from anywhere and recover to and from anywhere.”
It is critical to not reinfect during the recovery process. “More than half the organizations run the risk of infection because they do not have the means to ensure they have clean data during recovery,” Eswaran said. “You need immutable and air-gapped backups. You need Hybrid IT architectures, which allows you to create data portability and you need a staged recovery to prevent reinfection.”
The Ransomware Elephant in the Room
Security attacks are not the only thing that can cause an organization to lose data, especially if proper disaster covering is not in place. If your organization is running a data center, conceivable and real threats still include floods, fires and other natural disasters. Human error and sabotage are always a threat for data on the cloud or in data centers. But during the past few years, ransomware remains the mother of all threats. “For the last several years, we have asked the question, what’s the most common cause of outages?” Jason Buffington, vice president, market strategy, Veeam, said.
“Three years running ransomware was the cause of the most impactful events and the last two years, the most common cause of outages as well,” said Buffington while discussing the report with Dave Russell, vice president, enterprise strategy, Veeam in the eponymously called talk “Ransomware Trends Report for 2023.”
But when it comes to investing in resiliency for proper backups and other ways to protect data against ransomware and other attacks, CTOs, CxOs and other stakeholders with purchasing power are seemingly investing more in protection, but the growth in spending does not seem to be exponential.
Citing data from Gartner and IDC data, security budgets, in general, are up this year to about three to four percent and are being “positively influenced,” Russell said.
“There has been a lot of talk lately about how security budgets are getting positively influenced because of the cycle of trends to invest more and more in those areas. But in fact, on the recovery side, we’re seeing similar kinds of activities,” Russell said. “So, there is recognition that recovery plays a role in overall cyber resiliency.”
But when it comes to resiliency, money will eventually be spent regardless. “In cyber resiliency, you are either going to pay in advance or you’re gonna pay after the fact,” Buffington said. “So, if you don’t want to pay after the fact, i.e. ransomware or in downtime, then you better pay upfront.”