Intelligent CISO Issue 45 - Page 34


Keeping ahead of the criminals
More recently , Ransomware-as-a- Service ( RaaS ) has increased . Tried and tested ransomware tools are made available to launch attacks via a subscription-based model to anyone proficient in the Dark Web arts .
Incredibly , the authors of this malware receive a cut of each ransom payment that is received . This opens the potential for an attack to whole new levels and is something that CISOs must consider as they look at their data security . They must improve their efforts to identify , deter , protect against , detect and respond to these actions . As discussed above , bringing immutable backups into play will be a massive advantage and this can be done by adding a crucial step to the 3-2-1 data protection strategy . Make it a 3-2-1-1 strategy where you have :
• Three backup copies of your data on . . .
• Two different media , such as disk and tape . . .
• With one of those copies located offsite for Disaster Recovery and . . .
• The final one in this equation is immutable object storage
No silver bullets
While immutable storage offers powerful protection against most ransomware threats , it is not a silver bullet . There is still the issue of exfiltration when
34 www . intelligentciso . com