An average of 14 cloud providers were used to drive business transformation, but complexity can lead to risk unless comprehensive data protection tools are used
 |
SINGAPORE, Nov. 19, 2020 — Veritas Technologies, a global leader in data protection, availability and insights, today highlighted the challenges that businesses around the globe are facing as they try to protect data stored in complex hybrid multi-cloud environments, from the growing threat of ransomware. In the 2020 Ransomware Resiliency Report, Veritas found that only 49% of respondents in Singapore said that their security has kept pace with their IT complexity, underscoring the need for greater use of data protection solutions that can protect against ransomware across the entirety of increasingly heterogenous environments.
Need to pay ransoms
Typically, if businesses fall foul to ransomware and are not able to restore their data from a backup copy of their files, they may look to pay the hackers responsible for the attack to return their information. The Veritas research showed that companies with greater complexity in their multi-cloud infrastructure were more likely to make these payments. The mean number of clouds deployed by those organisations who paid a ransom in full was 17.11. This increased to 18.61 for those who paid only part of the ransom and went as low as 3.67 for businesses who didn’t pay at all. In fact, only 20% of businesses with fewer than five clouds paid a ransom in full, less than for those (30%) with more than 20 clouds.
This compares with 70% of the under-fives paying nothing to their hackers and just 6% of those with five to twenty clouds.
Overall, a staggering 72% of organisations in Singapore who suffered a ransomware attack either paid the ransom in full or in part.
Slow recovery times
Complexity in cloud architectures was also shown to have a significant impact on a business’s ability to recover following a ransomware attack. While 45% of those businesses with fewer than five cloud providers in their infrastructure saw their business operations disrupted by 5 to 10 days, only 40% of those with more than 20 were as fast to return to normal. Moreover, 12% of the over-20s took less than 5 days to recover, with just 44% of the under-fives having to wait so long.
Regardless of number of cloud services deployed, 43% of respondents estimated 5 to 10 average days of business disruption due to a ransomware attack on average.
Inability to restore data
Furthermore, according to the findings of the research, greater complexity in an organisation’s cloud infrastructure, also made it slightly less likely that they would ever be able to restore their data in the event of a ransomware attack. While 49% of businesses with fewer than five cloud providers were able to restore 90% or more of their data, just 39% of enterprises building their infrastructure on more than 20 cloud services were able to say the same.
When hit by a ransomware attack, the average Singapore business would see 22% of its data impacted while 11% of them would see more than half of their data affected.
Andy Ng, Vice President and Managing Director, Asia South Region at Veritas said: "The pandemic has fast-tracked digital transformation in companies; we found that the average company in Singapore engages with 14 cloud services to drive their digital strategy. The hybrid multi-cloud has emerged as a key component to the digital strategy of companies setting themselves up to face the realities of a new business-as-usual world. Our research has revealed that many companies have not kept pace with the complexity that comes with multi-cloud environments, rendering them vulnerable towards the threats of ransomware. To mitigate the short-term panic and long-term reputation damage from a ransomware attack, companies need to partner with a trusted advisor to ensure they receive independent advice on the right data protection strategy that can work seamlessly across all clouds for their business."
Businesses recognise the challenge
The Veritas research revealed that many businesses are aware of the challenge that they face, with 49% of respondents believing that their security had kept pace with the complexity in their infrastructure. The top concerns as a result of this complexity, as stated by businesses, was the increased risk of internal (36%) attacks followed by and external (35%) attacks.
Andy continued: "The unique security challenges posed by increased multi-cloud adoption combined with an everchanging threat landscape requires pro-active measures put in place for prevention and mitigation. It is imperative for companies deploy corresponding data protection solutions to close that resiliency gap in order to protect increasingly valuable digital assets."
Need for investment
Over half of Singapore businesses (55%) shared that they had increased their budgets for security since the advent of the COVID pandemic. On the other hand, 28% have worryingly decreased it. There was a correlation between this elevated level of investment and the ability to restore data in the wake of an attack: 46% of those spending more since the Coronavirus outbreak were able to restore 90% or more of their data, compared with just 40% of those spending less. The results suggest that there is more to be done though, with the average business being able to restore only 83% of its data.
Back to basics
While the research indicates that organisations need to more comprehensively protect data in their complex cloud infrastructures, the survey also highlighted the need to get the basics of data protection right too. Only 50% of respondents could claim that they have offline backups in place, despite the fact that those who do are more likely to be able to restore more than 90% of their data. Those with multiple copies of data were also better able to restore the lion’s share of their data. 59% (10% more than the global average) of those with three or more copies of their files were able to restore 90% or more of their information, compared with just 35% of those with only two.
The three most common data protection tools to have been deployed amongst respondents who had avoided paying ransoms were: anti-virus and endpoint security (55%), keeping an offline backup of data (50%) and storing copies of backups in different locations (44%).
Global trends
While majority of organisations in Singapore have not experienced any ransomware attacks (69%), the safest countries to be in to avoid ransomware attacks were Poland and Hungary. Just 24% of businesses in Poland had been on the receiving end of a ransomware attack, and the average company in Hungary had only experienced 0.52 attacks ever. The highest incident of attack was in India, where 77% of businesses had succumbed to ransomware, and the average organisation had been hit by 5.27 attacks.
To read the full 2020 Ransomware Resiliency Report, please visit: https://www.veritas.com/defy/ransomware.
Methodology
The 2020 Ransomware Resiliency Report was carried out by Wakefield Research in September 2020 and includes the responses to questions from 2,690 senior IT executives at companies of 1,000 or more employees in Australia, Benelux, China, France, Germany, Hungary, India, Italy, Japan, Poland, Russia, Saudi Arabia, Singapore, Spain, South Africa, South Korea, Sweden, Turkey, UAE, UK and US.
About Veritas
Veritas Technologies is a global leader in data protection, availability and insights. Over 80,000 customers—including 87 percent of the Fortune Global 500—rely on us to abstract IT complexity and simplify data management. The Veritas Enterprise Data Services Platform automates the protection and orchestrates the recovery of data everywhere it lives, ensures 24/7 availability of business-critical applications, and provides enterprises with the insights they need to comply with evolving data regulations. With a reputation for reliability at scale and a deployment model to fit any need, Veritas Enterprise Data Services Platform supports more than 800 different data sources, over 100 different operating systems, more than 1,400 storage targets, and more than 60 different cloud platforms. Learn more at www.veritas.com. Follow us on Twitter at @veritastechllc.
Related Links :
http://www.veritas.com
