took two to four months.” Buffington added: “In the case of organisations that are getting hit multiple times per year, this becomes almost a continual type of attack. The other thing that's key to remember is that one of the first things many organisations do when they hear an attack is ongoing – not over, but ongoing – is to lock down the backup servers. But attacks can persist for a while. Just because you are aware of an attack doesn't mean it's over. And it doesn’t mean that you can start to recover yet. First, you have to lock down the environment, then you have to identify what needs to be recovered.” The challenge with cyber, unlike a fire or flood, is that it’s not immediately obvious which servers are infected. “A triage has to happen and it’s going to take longer than you think. More data than you'd like to imagine (45%) is going to be affected and on average organisations were only able to recover about two thirds of that, which means about 15% is not going to be recoverable.” The research is not all bad news. Almost all organisations (95%) have a pre-defined plan and team to call into action in the event of an attack; most companies are increasing their investment in both prevention and remediation; and organisations have learnt from experience and are focusing on immutability to ensure their backup repositories cannot be deleted or corrupted – 82% use immutable clouds and 64% use immutable disks. Only 2% do not have immutability in at least one tier of their backup solution. Buffington said that Veeam’s intention with this research is not to spread fear but to get everyone pulling in the right direction. “Sixteen per cent say they recovered without paying. Veeam’s mission in life should be to help the other 84% of respondents to be able to answer that way. That's the goal,” he said. To download a copy of the report, go to vee.am/rw23 drives, two out of five mailboxes, two out of five applications. For 14% of respondents, 81% to 100% of their data was affected. The extent to which they have also been successful in targeting backups is highlighted by the fact that almost one third of respondents who paid a ransom discovered that the bad actors had hit all or most of their repositories. Two out of five said that some had been impacted. On average, 39% of backup repositories were affected and unusable. This, as Russell points out, makes it very hard for organisations to recover and also increases the time it takes. “On average, it takes three plus weeks until you're back up and operational. Some said it took one to two months. A few said it CYBERSECURITY 01732 759725 36 ...continued Thanks a million Arctic Wolf extends $1 million security operations warranty to customers in EMEA and ANZ Security operations company Arctic Wolf has extended its Arctic Wolf Security Operations Warranty to eligible customers in Europe and Australia/ New Zealand (ANZ). The benefit provides qualifying customers with fully underwritten financial assistance of up to $1 million in the event they experience a major cybersecurity incident. According to recent research by Arctic Wolf, 40% of organisations currently lack comprehensive cyber insurance, and most of those that do have an active cyber policy believe it would not fully cover the costs associated with a major cyber incident. Arctic Wolf developed its Security Operations Warranty to help customers address these cyber risk gaps by automatically providing an additional layer of financial resilience. Dan Schiappa, Chief Product Officer at Arctic Wolf, said: "No single cybersecurity tool is perfect at stopping attacks, and that's why Arctic Wolf has always focused on delivering a combination of effective security operations solutions and unique customer benefits in order to help organisations build business resilience. With the expansion of the Arctic Wolf Security Operations Warranty to Europe and ANZ, we continue to demonstrate the confidence we have in the Arctic Wolf Security Operations Cloud, coupled with the third-party provider service benefits as part of the Security Operations Warranty, to detect and prevent successful cyberattacks across all threat surfaces." Available at no cost to new and renewing Arctic Wolf customers who utilise Arctic Wolf Managed Detection and Response and additional Arctic Wolf solutions, the Arctic Wolf Security Operations Warranty provides up to US$1 million in funds to support incident response activities, legal and regulatory expenses and associated business costs that may occur from a ransomware attack, business email compromise (BEC) incident or other businessdisrupting cyber event. The global expansion of the Arctic Wolf Security Operations Warranty was announced at Partner Jam, Arctic Wolf’s weeklong celebration of its channel, alliance and insurance partner community, which has now grown to more than 1,300 members worldwide, including almost 200 in EMEA and ANZ. The Arctic Wolf Security Operations Cloud spans the complete security operations framework, including Managed Detection and Response (MDR), Managed Risk, Managed Cloud Monitoring, Managed Security Awareness and Incident Response. arcticwolf.com 2023 GLOBAL REPORT RANSOMWARE TRENDS Lessons learned from 1,200 victims and nearly 3,000 cyber attacks Dave Russell
RkJQdWJsaXNoZXIy NDUxNDM=