Fending Off the Ransomware Threat: A Financial Industry Perspective
Imagine the ramifications of data loss or compromise in the Financial Services Industry (FSI), where transactions are in the millions—every single day. They would be considerable, from massive compensation costs to reputation damage to potential lawsuits and inconvenienced clients.
Unfortunately, according to a dedicated, industry-specific executive brief recently released by Veeam, most FSI CIOs and executives admit they have both an availability gap (how fast data and apps need to be recovered vs. the time they are actually recovered) and a protection gap (how frequently data is backed up vs. how much data the organisation can afford to lose). See Figure 1:
Fig. 1. Perceived Gaps in Availability and Protection in the FSI
A Natural Target of Ransomware
These gaps make FSI organisations particularly vulnerable to the biggest threat to data at the moment: Ransomware. The results of Veeam’s “2022 Data Protection Trends in Financial Services” report, on which said executive brief was based, bear out this unfortunate reality.
Download the whole report HERE.
According to the report, 76% of organisations had at least one ransomware attack last year—leaving, on average, 38% of affected data unrecoverable. Ransomware, incidentally, was also the leading cause of outages in the FSI industry, with ransomware causing 50% of the outages FSI organisations experienced over the last year. This is the second consecutive year ransomware has been a major problem in the industry, and it likely won’t be the last given the growing frequency and sophistication of ransomware.
Recognising the Threat of Ransomware and Acting On It
On the bright side, FSI organisations appear to have recognised ransomware as a major problem—along with other forms of cyber attacks, like phishing and data breaches. There is now a mindset that ransomware is not so much a matter of “if” anymore but of “when,” and this is prompting organisations in the industry to improve their data protection. It is also universally understood now within the industry that ransomware is a disaster, and that rapid and reliable recovery is a must as a means to remediate the crippling impacts of a ransomware attack.
This is where Veeam comes in. Since 2019, Veeam’s Modern Data Protection platform has been enabling cyber resiliency and providing ransomware protection capabilities to help organisations, regardless of their industry, recover from a cyber attack—reliably and in mere minutes!
Fig. 2. Veeam’s Modern Data Protection platform
Critically, Veeam’s Modern Data Protection platform offers these seven capabilities, which FSI organisations need for rapid and reliable recovery:
- Broad extensible platform. The solution must be able to protect all mission-critical workloads, whether they are physical, virtual or container-based. It should also be scalable, depending on the workloads being protected and their specific requirements and capable of capturing data using different methods.
- Automated verification. The first step toward successful recovery is having reliable, verified and tested backups. With automated verification, the integrity of backups is automatically checked as they are being taken. And if there are issues, a new set of backups can be taken again to ensure their integrity and usability.
- Resilient backups. Resilient backups are backups that adversaries can neither compromise nor destroy. Having these is critical in case of a ransomware attack, where the organisation’s backups are also being targeted by cybercriminals. One way Veeam ensures this is by following the 3-2-1-1-0 rule, where it keeps air-gapped, immutable backups (the additional “1” in 3-2-1-1-0). See Figure 3.
Fig.3. Veeam’s 3-2-1-1-0 Rule
- Immutability. Put simply, immutability means being able to prevent data deletion from the capacity or archive extent. Many of Veeam’s clients in the FSI industry, perhaps now fully aware of the threat of ransomware, are even implementing a double or triple immutability approach. This helps ensure a more comprehensive ransomware protection strategy.
- Instant data recovery. Pioneered by Veeam in 2010, instant recovery enables the immediate resumption of operations and recovery of compromised data. Veeam has only refined and extended this capability over time, and it is now optimised to quickly restore multiple machines simultaneously.
- Secure data recovery. Ransomware can stay in a network for several months, just waiting to be reactivated again to do damage. Veeam ensures that with its secure data recovery capabilities via SureBackup and Veeam Secure Restore, as well as through integrations with anti-malware solutions for automated recovery and checking.
- Recovery automation. Automated recovery ensures repeatable results and enables self-documentation (a requirement of management and external security auditors). Veeam accomplishes both through its Disaster Recover Orchestrator, which automates and documents even the most complex workflows in recovery.
Data Is the Most Valuable Asset
Data is undeniably an organisation’s most important asset—and along with it the trust of the people who have entrusted that same data to said organisation. This is why it is imperative that institutions, especially those in the FSI industry, must endeavour for best-in-class data protection. Veeam has been helping organisations in all sectors in this regard, it can help yours as well.
Click HERE to find out more about Veeam and its data protection solutions. To find out more about the seven capabilities that FSI institutions need for rapid and reliable recovery, click HERE.