Whichever option a business chooses, the backup repository itself must be protected against attack with an ultra-resilient media type. These could be in all manner of forms: from system disks and external hard drives, to offline tape devices and cloud backups. Given that cyber-criminals using ransomware to blackmail businesses are looking for data, in theory they can find whatever they need in an organization’s backed up files. While this is, of course, a good thing, imagine the blackmail potential for a cyber-attacker of gaining access to a backup of an organization’s entire digital infrastructure? The Veeam 2019 Cloud Data Management report found that over two thirds of organizations are producing backups of their data. One area where encryption is vital to bolster organizations’ defenses against ransomware and insider threats is implementing ‘nearline’ encryption on data backups. Are backups cyber-crime’s high-value target? These contrasting figures suggest there is a sizable gap between how enterprises generally are leveraging encryption versus major web platforms and service providers.
Zscaler’s IoT in the Enterprise found that 91.5% of traffic on enterprise IoT networks is non-SSL encrypted. However, it is less clear what percentage of enterprises’ data is encrypted. According to Duo’s Privacy in the Internet Trends report, 87% of web traffic is encrypted – a number that is rising all the time. If malicious threats cannot ‘see’ your data, it’s more difficult for them to use it against you. Making good use of encryption is also key for organizations.