Backups are NOT enough

The world has gone crazy with the plethora of ransomware attacks over the past couple of years. Companies and people are responding by building recovery strategies, so they can recover their data if (I think it more like when) they are attacked.

However, recent ransomware victims are learning that having a recovery strategy is not enough. Sure, you may be able to get back up and running, but ransomware attacker have also changed. In a 2021 first half update, research showed that over 40% of attackers are now using a dual attack approach. In this they are not only encrypting your data, but also stealing it — so if you do not pay the ransom because you can recover, they will expose the data and you will still suffer the consequences.

While data replication and backups, air gapped copies, cyber vaults, etc. are all important, they alone will NOT protect you from a ransomware attack. The best defense is to not let anyone through the gates, and prevent access before it can start. Zero Trust is key to doing this, since it assumes the worst (that you have no access, and are not trusted) until proven otherwise.