Security Magazine: Reduce Data Breach Risk on World Backup Day 2022
On March 31, 2022, Florindo Gallicchio was featured in the Security Magazine article, Reduce Data Breach Risk on World Backup Day 2022. Preview the article below, or read the full article online.
+ + +
Backing up enterprise data can reduce the effects of ransomware or a data breach. After experiencing a ransomware attack, 83% of victims paid to restore their data — preparing for cyberattacks in advance by conducting frequent data backups may help reduce these costs.
Spreading awareness about data backups is the mission of World Backup Day, which began in 2011. For World Backup Day 2022, Security magazine spoke with security leaders about the importance of enterprise cybersecurity.
Florindo Gallicchio, Managing Director, Head of Strategic Solutions at NetSPI:
This World Backup Day, it’s time to acknowledge how critical data backup has become, especially since many ransomware strains attempt to delete backup files, as we witnessed with Ryuk. Most businesses are faced with two significant risks when it comes to backups: the theft and public disclosure of sensitive data, and the disruption of critical business functions. If either of these risks occur, organizations could endure devastating consequences. To make sure that doesn’t happen, organizations need to proactively put strategies in place to bolster protection against these threat actors.
One way to do this is by ensuring that backups with all of the organization’s critical data are routinely, completely, and securely assessed –– as this is a necessary step in recovering from a possible ransomware attack. These backups should be encrypted so that sensitive data is not disclosed and stored in such a way that an organization can recover its data in a timely manner, as this is necessary to minimize disruption to business operations. Additionally, organizations should regularly revisit and test disaster recovery and business continuity plans to validate that ransomware and other threats won’t impact the integrity of any backups.
Finally, any highly important, sensitive data should be stored on an entirely separate network from the internal network. That way, if ransomware targets the desktop network, it cannot spread to the critical systems and cause complete chaos. While this is a long-term and challenging strategy, it’s well worth the time and investment for organizations to counter the continuous risk of critical data loss.
Explore More News
Proof Over Promises: A New Doctrine for Cybersecurity
As cyberattacks grow in frequency and sophistication, traditional assurances like contracts and certifications are no longer sufficient. Instead, vendors must actively demonstrate their security resilience through measurable and continuous validation, such as penetration testing. This proactive approach not only strengthens vendor-customer relationships but also mitigates risks in an increasingly interconnected and vulnerable digital landscape.
The Age of Promises is Over, Vendors Must Now Lead with Evidence-Based Assurances
In today’s evolving cyber threat landscape, traditional vendor assurances like contracts and periodic audits are no longer sufficient. Sam Kirkman emphasizes the need for vendors to shift from trust-based compliance to evidence-based security, where measurable and continuous validation replaces outdated promises.
NetSPI Redefines Pentesting with New User Experience
NetSPI, the global leader in modern penetration testing, today announced a new, modern user experience for the NetSPI platform, reimagining what penetration testing should feel like for today’s enterprise: focused, fast, and easy.