Share this article on:
Ransomware risks exacerbated by COVID-induced digitisation could persist for the next few years, according to new research.
Data protection platform Veritas Technologies has published findings from its Veritas Vulnerability Lag Report, which suggests Australian businesses may be subject to heightened cyber security risks for another two years.
The research, which involved a survey of 2,050 IT executives from 19 countries including Australia, also found stakeholders would need to invest $2.3 million and hire an estimated 27 staff to extend protections offered by technologies employed following the onset of the COVID-19 pandemic.
“For organisations to protect themselves against vulnerability to data threats, such as ransomware, their production and protection environments have to evolve in parallel: as each new solution is introduced into the organisation’s technology stack, protection capabilities need to be extended to cover it,” Pete Murray, ANZ managing director at Veritas, said.
“However, the need to innovate quickly often throws this balance off, creating a vulnerability lag, where systems and data are left unprotected and susceptible to attack.
“With the challenges wrought by the COVID-19 pandemic, and Australian businesses were right to prioritise the immediate task of empowering the shift to remote working. Now though, the time has come to take action and redress the balance.”
According to the study, cloud environments are most at risk, with 88 per cent of Australian respondents revamping their cloud infrastructure in response to the pandemic.
Of those respondents, 63 per cent acknowledged gaps in their protection strategy.
Moreover, just 53 per cent of surveyed executives said they could accurately state the number of cloud services they had employed.
Respondents also lacked data clarity, with the average executive admitting 33 per cent of stored data is ‘dark’, with a further 68 per cent redundant, obsolete or trivial (ROT).
“Having a thorough understanding of the value and location of your data is the foundation of good data protection strategies,” Murray added.
“So, before cloud data sets can be properly protected from threats like ransomware, IT teams need to know exactly what data has been sent to which cloud services.
“Today, 47 per cent don’t even know how many cloud services their companies are using, let alone what they are. It’s little wonder that they say they need time and resources to get back on track.”
As a result of such vulnerabilities, 88 per cent of respondents had experienced downtime in the last 12 months, and, on average, had been the victims of 3.68 ransomware attacks.
Murray concluded: “Selecting a single data protection platform that can operate across the entire data estate – both in your data centre and the public cloud – can radically reduce the management burden of data protection.
“And adopting modern data-protection tools allows artificial intelligence (AI) and machine learning (ML) to reduce the need for so many members of staff.”