By Mark Nutt, SVP, International Sales, Veritas Technologies LLC
Ding! Ding! The prize fight for business data is about to begin. In the red corner, costing businesses an estimated $20b last year, ransomware is getting ready to sucker punch the data centre. In the blue corner, the often-overlooked spectre of human error is making yet another comeback. But who’s going to serve the knockout blow that could take the business to the canvas?
Every leader hopes that neither of these challengers will have their organisation on the ropes. In reality though, both present a significant threat to data integrity and business continuity. However, whilst the risks of ransomware are thankfully starting to be taken more seriously, the same care and attention that’s spent defending against ransomware is rarely lavished on barriers to protect against human error.
Where is the biggest risk?
According to the Veritas 2020 Ransomware Resiliency Report, the average enterprise has been the victim of 1.87 ransomware attacks. The risk is real and growing. Attacks are getting more sophisticated as organised criminals zone in on high-value data from targeted organisations. And hackers are finding new ways to exert pressure on their victims to pay by bringing whole IT systems to a halt, or stealing sensitive data and threatening to publish it online. As a result, 72% of organisations in Singapore who suffered a ransomware attack either paid the ransom in full or in part.
Against this backdrop, anyone could be forgiven for thinking that the ransomware hackers were winning the fight to get to business data. However, human error remains a far more common cause of data loss – and is also growing. A recent 2020 survey on data protection revealed that a majority of data breaches are a direct result of human error, with the number of C-Suites citing external human error or accidental loss as the cause jumping to 53%, from 28% in 2018.
Little wonder, in some senses, since human error is becoming a much more distributed challenge. Even if businesses train their entire workforce to exceptional standards, they’re probably only reaching a fraction of the people who could put their data at risk. Business partners, contractors, third parties and all manner of workers in the supply chain can impact data integrity.
So, even with the rapid growth and greedy expansion of attacks from ransomware, hackers still have a long way to go before they could have a broader impact on business data than simple human error.
What can we learn from the ransomware approach?
Whilst the motivation and circumstances behind these two types of data loss couldn’t be more different, the solutions can actually have a lot in common. Here are some key lessons about dealing with human error that have been learned from protecting against ransomware:
- Act as if a breach is inevitable
Businesses have realised that trying to protect the network perimeter against an incoming ransomware attack is like being the boy using his fingers to plug the holes in the dam: ultimately, something is going to leak through. Planning for a worst-case scenario and being prepared to respond is absolutely necessary.
- Avoid a single point of failure
If you only have one copy of your data and it’s hit by ransomware, your options for getting it back are severely limited. The same is true in the event that a unique piece of data is accidentally deleted or overwritten. Your chances of restoring the information, however, are significantly increased if you already have a backup copy.
- Monitor your data
Monitoring data, so that a business is able to recognise any material changes to files, can help it to spot a ransomware attack quickly and respond in good time. Monitoring data can also help to identify if files have been accidentally removed. In the immediate aftermath of an accident, there are often ways to reverse its impact. Spotting changes quickly will nearly always give you an advantage.
- Employee education, communication and trust are key
Sophisticated phishing schemes mean that employees are very often the gateway to a ransomware attack. As a result, many businesses offer companywide training on how to respond, encouraging team members to communicate instantly if they think they’ve been the cause of a breach and to trust that they won’t be blamed for it. The same approach is not often extended for data loss accidents but would help businesses to identify challenges, monitor risk and act accordingly.
- Protected data is as vulnerable as any other
If left unchecked, ransomware can quickly move from primary data to its backups. Similarly, errors made in primary data will soon be reflected in the backup. Having the right policies and technologies in place to ensure that backup data is there when needed is critical.
So, is ransomware or human error the most likely to knock out a data centre? The reality of the situation is that they’re both coming for the data, and it’s almost inevitable that both will hit. The law of averages says that human error will occur most often – but ransomware will also get there in the end, and both can be devastating. Businesses should be prepared to protect, detect, respond and recover from either threat to their data, and those that box clever should be prepared for both.