By Mikey Molfessis, cybersecurity expert at Mimecast
In light of the growing volume of cyberattacks - especially since the start of the Covid-19 pandemic - it has never been more important to ensure business continuity and recovery in the event of a disruption. Organisations face a multitude of cyber threats that could halt business productivity and lead to the loss of data, which could be catastrophic to data-reliant companies.
According to data by the Mimecast Threat Intelligence Centre, detections of impersonation attacks, known and unknown malware, spam and blocked clicks increased by 41% in sub-Saharan Africa from 2019 to 2020, with no signs of slowing down. In fact, when looking at 2021 data, the number of blocked clicks detected in February this year was an astounding 18 times higher than 2020.
The rise of work-from-home has also exposed organisations and employees to increased risk. Mimecast researchers found a three-fold increase in clicks on malicious URLs in emails worldwide, during the time when social distancing and lockdowns were coming into effect last year.
In the event of a successful data breach, organisations could suffer devastating losses in terms of revenue, reputation and trust. What's more, without suitable business continuity and recovery measures in place, organisations that fall victim to an attack like ransomware could suffer days - even weeks - of interrupted business productivity, which could ultimately sink the entire business.
As we observe World Backup Day on March 31st, it is an opportune time to better understand the role that data backups and archiving can play in enhancing an organisation's cyber resilience. With the right solutions in place, organisations are more likely to recover from a successful attack, with minimal interruption to the business, its employees and its customers.
Here are three reasons why data backups are in the spotlight in 2021:
More data = more risk
While all organisations are at risk from the rising tide of cyberattacks, those organisations that maintain high volumes of transactional data within their systems are especially vulnerable. By backing up historic transactional and other data to an archive in an independently secured environment, organisations can maintain a lean amount of data and reduce the attack surface. This also simplifies some aspects of compliance with privacy regulations.
The growing volume of unstructured data - which already accounts for 80% of the world's data - adds additional risks. Organisations need ways to protect and manage unstructured data - including data in emails and collaboration tools such as Microsoft Teams and Slack - in order to fully comply with the requirements of legislation such as the Protection of Personal Information Act (POPIA).
The implementation of POPIA has put further pressure on any organisation that processes or stores personal information to provide greater transparency and control over how that data is stored, processed and used. Additionally, in line with POPIA, organisations may have to delete personal information ("Right to be forgotten").
Organisations can enhance their ability to comply with some of POPIA's requirements by backing up data to a cloud archive. This holds the additional benefit of providing organisations with a platform for information governance that provides retention management, email encryption, discovery and data recovery to ensure complete litigation readiness and compliance control.
Data is gold (and criminals want it)
Data is a highly valuable commodity, especially for cybercriminals. Once they have access to an organisation's systems, they can hold data for ransom, modify it or even destroy it. As the number one business productivity tool, email remains the most likely attack vector used by cybercriminals.
An accurate and restorable repository of business email can allow for the fast and easy restoration of original data that may have been lost as a result of a successful cyberattack. For example, when an organisation suffers a ransomware attack, they can easily restore their data and systems without having to incur the cost of paying the cybercriminals' ransom or suffering any significant loss of business productivity.