Johannesburg, 29 Jul 2024
Coming under cyber attack is almost inevitable, therefore organisations must move to better protect sensitive data and improve their ability to recover after a cyber attack.
This is according to cyber security experts addressing a webinar hosted by Rubrik for enterprises in Nigeria last week.
Filip Verloy, Field CTO EMEA & APJ at Rubrik X, highlighted the current state of data security globally.
He said Rubrik Zero Labs’ latest report ‘The state of data security: Measuring your data’s risk’, found that 94% of IT and security leaders said their organisation experienced a significant cyber attack last year, and 93% had to report this to regulatory bodies.
“These attacks are happening in the newer environments such as cloud, with external attackers understanding how to compromise these environments where a lot of the IP of an organisation is potentially stored,” he said.
The research found that many of the attacks were across multiple environment types: 67% SaaS, 66% cloud and 51% on premises. Almost all cloud tenants (94%) were targeted, and two out of three were compromised in 2023. There has been a 70% increase in ransomware attacks, with an attempt every 10 seconds.
Verloy said: “A bit of good news from Mandiant was that the median dwell time went down from 10 days last year to 5 days this year. The flip side is that the time taken for an attacker to exfiltrate your data is also shrinking rapidly.”
With a 23% increase in backup data volumes, there is a great deal of sensitive data being stored: on average 28 million sensitive records per organisation. Cloud storage comes with security blind spots and most backups are not up to the task of coping with ransomware, he said.
“Cyber criminals are going after backups – in 96% of cases they try to go after backup and in 74% of the cases they were successful. They are essentially taking out an insurance policy against effective restores. If you have recoverable backups, you are 27 times less likely to pay a ransom whereas if you cannot backup the data, the chances of the victim paying, and the amount paid are significantly larger,” he said.
He added: “It’s not all negative news. There are many levers you can pull – you need to prepare and understand people are going after this hybrid environment. You need to improve data visibility, prepare to recover, be ready to answer regulatory and legal questions in the middle of a ransomware event, and know where your sensitive data is.”
NDPA boosts governance
Polls of webinar participants found that in the last 12 months, 42% had experienced a cyber attack, 14% were not sure, and 42% said they had not experienced a cyber attack.
Dr Harrison N Nnaji, CISO at FirstBank Nigeria, said Nigeria experienced similar cyber crime trends as the rest of the world – with phishing, business email compromise, ransomware, and growing insider threat problems. “Prior to now, we said an organisation is as strong as its weakest link, but now that we work in ecosystems, organisations are as strong as the weakest organisation in the supply chain,” he said.
Dr Nnaji said: “When it comes to protection, it’s not a one sabre blitz – it’s a collection of practices that must be adopted across processes, technology, people and governance. You must understand your risk domains and articulate an architecture that enables you to build the right approaches to mitigate and manage risk detection, prevention and correction capabilities.”
Dr Obadare Peter Adewale, Chief Visionary Officer at Digital Encode Limited, said the new Nigeria Data Protection Act (NDPA) of 2023 was expected to improve data governance.
“Prior to the regulation there were unstructured approaches to data governance policies and procedures. The Act establishes new nuances around data subjects, data privacy, security and protection. Now data is not only protected, but there must also be proper governance and consent to the authorised use of personal data. It has helped to structure data protection and make organisations more responsible in protecting data and backing up data,” he said.
Building resilience
On cyber resilience and compliance, Samuel Chika, Head of Solutions and Innovations at TigerLogic Solutions Ltd, noted: “You have to first be able to provide assurances on your data and your backup methodology. You should have your data encrypted and in immutable storage where you can fall back and restore confidently. Alongside this, you need to have a consistent practice of ensuring you can recover – simulating recovery processes to ensure data could be recovered. It’s not about ‘if’ but ‘when’ you are attacked and paying ransomware attackers may not make a difference. You need to rethink your backup strategy, go immutable, and rethink your processes to be ready when it happens.”
Verloy added: “There is a global shift toward cyber resilience, and there is an opportunity for a growing economy like Nigeria to leapfrog the rest of the world, combining cyber risk prevention and recovery capabilities. Rubrik offers an immutable file system so once we have a good clean copy we can always bring it back with high speed recovery. The system also identifies where malware is in your backup and ensures you don’t restore affected workloads.”
Share