Cyber incidents have significantly increased in the year which has been marred by the pandemic. Almost all cyber incidents create multiple challenges for organisations and Ransomware is right on the top, since it brings uncertainty along with panic across the organisation.

Today, ransomware is one of the fastest-growing cyber crime threats. The malware prevents users from accessing their computer or data in order to demand a ransom payment. However, there is no guarantee of retrieving data even if the ransom is paid, which is a vulnerable situation for every business. The increased trend of ransomware attacks has exposed significant gaps in organization’s IT systems. Hence, companies must be aware that at some point they might be a target and should be prepared proactively.

“While there are measures being taken to strengthen the entire cyber control environment, however there is always an ongoing battle amongst un-equals where the attacker needs one opportunity viz the defender needs to protect against every threat. Consequently, it’s critical for enterprises to have a robust strategy on protecting data, which starts from “knowing” data and classifying it such that there could be measures taken based on business criticality,” said Atul Gupta, Partner, IT Advisory and Cyber Security Leader, KPMG in India.

Once the system and network get affected by ransomware, it is much more challenging to have the files from the primary sources as there is no assurance the files will be retrieved after paying the ransom as well. A recovery strategy, alongside a backup policy, is highly important as well. Both proactive and reactive policies are needed which ensure that ransomware attacks do not happen in the first place.

“The key to be safe from these data breaches is to have a robust and well-tested backup. This means ensuring good, clean backups are made regularly, and they are thorough and comprehensive. Stay ahead of your enemy, create backups, simulate attacks and prepare action plan for disaster recovery. It is good to deploy sensors and monitor the software activity on endpoints, record traffic and check hardware integrity,” said Sandeep Soni, GM & Vice President of Engineering, India Operations, Clumio.

The impact of ransomware could be pointed to as — Temporary or permanent loss of company data, getting leaked of confidential data on the public domain, data loss along with financial loss as there is no assurance that the company will have access to the data back after paying the ransom. And it becomes difficult for the company to retrieve the lost data.

In such a case, CyberPeace Foundation suggests having a data backup plan for all the systems connected to the company network to a different secure place at a regular time interval.

“Depending on the category of ransomware family, it could be very difficult to retrieve the data from where it got affected. It is highly recommended to have stronger prevention methodologies than curing to mitigate the ransomware attack. We would suggest having a data backup plan for all the systems connected to the company network to a different secure place at a regular time interval. For company-issued devices, enterprise device policies can be implemented to force off-site backups,” said Vineet Kumar, Founder and President, CyberPeace Foundation.

Observing the increased number of ransomware attacks targeting all kinds of business,, the repercussions of not having a defined backup and a strategy in place could prove to be a nightmare. Invest in good solutions and make proper backups to ensure that you do not pay large sums to the hackers later.

Source :- https://cio.economictimes.indiatimes.com/news/digital-security/why-do-you-need-a-ransomware-data-recovery-strategy/80492120