Survey Shows Gaps in Storage Cybersecurity Knowledge and Practice

Nexsan advises better defense including immutable backups and regular security audits

SUNNYVALE, Calif.--()--A survey of companies over 500 employees across all industries revealed that 6 out of 10 organizations have experienced some form of cyberattack targeting their data storage in the past 12 months—but less than half follow proper steps to defend against emerging cyber threats and ensure quick recovery.

The survey, conducted by Nexsan®, the pioneer of highly reliable, cost-effective enterprise-class storage solutions, showed that while respondents generally understand the importance of protecting data, including backups, from cybercriminals, the measures and practices they have in place are insufficient to safeguard the storage infrastructure and avoid excessive downtime when restoring data.

Among the findings:

  • More than 90% of organizations indicated that they perform regular backups with offline copies to prevent ransomware attacks, but only 40% utilize immutable backups to guarantee the safety, security and immediate availability of their data.
  • Less than 5% have no cybersecurity measures related to data storage at all.
  • Thirty-one percent of organizations conduct security audits or assessments of their data storage infrastructures “as needed” with 28.57% performing audits annually; 21.43% quarterly; and 19.05% biannually.
  • More than a quarter of respondents do not formally assess the effectiveness of their cybersecurity measures, and only 12% conduct monthly data recovery exercises. Most troubling: almost a third perform no regular testing at all to verify their ability to recover from an attack.
  • Seventy-seven percent of respondents believe that downtime from a breach should be less than 24 hours. Fewer than a third (32.5%) are confident they could fully recover business operations within hours or minutes of a cyber incident.

Nexsan experts advise immutable backups, which are impervious to alteration, deletion, or encryption by the malware vector. Regularly testing data protection systems, including monthly “dress rehearsals” of attack scenarios, ensures cybersecurity measures work as intended. While the expectation of recovering within 24 hours is acceptable, without proper defenses and testing, organizations should have more realistic expectations.

“Cybercriminals have become more sophisticated, and exploit vulnerabilities in backup and storage systems to affect both primary and secondary data,” said Charles Burger, Director of Cybersecurity Solutions at Nexsan. “This survey revealed that even organizations that have been victims of cyberattacks are often failing to ensure they are fully protected, and it’s incumbent on vendors to engage in better education about cybersecurity threats and defenses.”

Nexsan has developed a portfolio of solutions with data protection and recovery in mind. The company’s Unity™ NV6000, a unified storage system with built-in immutable snapshots, Amazon S3 support and enhanced disk-to-disk backup capabilities is tailored to meet the demands of modern IT environments. Unity NV6000 excels in consolidating SAN and NAS workloads while simplifying storage infrastructure management. Its adaptability, reliability, data protection, scalability and streamlined management ensure organizations are positioned for long-term success in the ever-evolving digital landscape.

Offering built-in security, compliance and ransomware protection through its immutable volume and file system snapshot feature, which provides a robust defense to any accidental or malicious alterations, Unity NV6000 provides high availability with dual-active controllers to enhance data redundancy, reducing the risk of disruptive downtime and ensuring uninterrupted business operations. When utilized in conjunction with Nexsan’s Assureon® active data vault, SMEs enjoy unbreakable backup for the ultimate in data protection.

About Nexsan®

Nexsan® is a global leader in enabling customers to securely store, protect, and manage data. Established in 1999, Nexsan has earned a reputation for delivering the most highly reliable, secure, and cost-effective storage while always remaining agile to continuously deliver purpose-built storage and data management solutions that meet complex and ever-changing IT, business, and budgetary requirements. Nexsan’s patented technology is ideal for a variety of use cases including backup and recovery, content delivery and streaming, scientific lab data, virtualization, evidentiary data, digital video surveillance, regulatory compliance, and healthcare records. For further information, please visit www.nexsan.com.

Contacts

Media Contact:
Judy Smith, JPR Communications
818-522-9673 judys@jprcom.com

Contacts

Media Contact:
Judy Smith, JPR Communications
818-522-9673 judys@jprcom.com