Blog

New Federal Cybersecurity Mandates Enacted and SEC Rules Proposed, Amidst Never-Ending Ransomware Attacks

Reading Time: 5 minutes

March 17, 2022

By Rich Gadomski, Head of Tape Evangelism

As I started to write this blog on recent ransomware observations, an email message popped up on my PC from our IT department advising of additional and more stringent security enhancements taking place almost immediately to toughen my company’s cybersecurity and increase our protection against current and emerging threats. A sign of these cybercrime times, indeed!

Ransomware Trending
According to a February 2022 Alert from CISA (Cybersecurity & Infrastructure Security Agency), 2021 trends showed an increasing threat of ransomware to organizations globally with tactics and techniques continuing to evolve in technological sophistication. So-called “big game” organizations like Colonial Pipeline, Kronos, JBS, Kaseya, and SolarWinds made the ransomware headlines over the past year or so. But according to the CISA Alert, by mid-2021, many ransomware threat actors, under pressure from U.S. authorities, turned their attention toward mid-sized victims to reduce the scrutiny and disruption caused by said authorities.

In a recent Enterprise Strategy Group (ESG) study, 64% of respondents said their organization had paid a ransom to regain access to data, applications, or systems. These findings are supported by the latest Threat Landscape report from the European Union Agency for Cybersecurity. It highlighted a 150% rise in ransomware in 2021 compared to 2020. The agency expects that trend to continue, and even accelerate in 2022.

But these numbers hide the stark reality of the ransomware scourge. Gangs like DarkSide, REvil, and BlackMatter are terrorizing organizations with ransomware – and they are getting smarter and more organized. They have moved beyond the basic ploy of infecting files, locking users out of their data, and demanding a fee. They still want money. But they also endanger reputations by exposing attacks, blackmailing companies by threatening to reveal corporate or personal dirty laundry, and selling intellectual property (IP) to competitors.

As a result, cybersecurity spending has become a priority in most organizations. According to ESG, 69% of organizations plan to spend more on cybersecurity in 2022 than in the previous year, while 68% of senior IT decision-makers identify ransomware as one of their organization’s top 5 business priorities.  Such is the fear factor that organizations are now treating cybersecurity ahead of other organizational imperatives such as the cloud, artificial intelligence (AI), digital transformation, and application development.

New Federal Mandate and the SEC Takes Action
On March 15th, in an effort to thwart cyberattacks from foreign spies and criminal hacking groups, President Biden signed into law a requirement for many critical-infrastructure companies to report to the government when they have been hacked. This way, authorities can better understand the scope of the problem and take appropriate action.

It’s also no wonder that the Security and Exchange Commission (SEC) is taking action. On March 9th, the SEC voted 3 to 1 to propose reporting and disclosures related to cybercrime incidents and preparedness. In a nutshell, the SEC will be asking publicly traded companies:

  • To disclose material cybersecurity incidents
  • To disclose its policies and procedures to identify and manage cybersecurity risks
  • To disclose management’s role and expertise in managing cybersecurity risks
  • To disclose the board of director’s oversight role

Specifically, the SEC will want to know:

  • Whether a company undertakes activities to prevent, detect and minimize the effects of cybersecurity incidents
  • Whether it has business continuity, contingency, and recovery plans in the event of a cybersecurity incident
  • Whether the entire board, certain board members, or a board committee is responsible for the oversight of cybersecurity risks
  • Whether and how the board or board committee considers cybersecurity risks as part of its business strategy, risk management, and financial oversight

Holding publicly traded companies and their boards accountable for best practices in combating ransomware is a big step in the right direction and will no doubt free up the required budgets and resources.

Lowering the Fear Factor
Cybersecurity is already a top spending priority for 2022 and with SEC regulations looming, will likely continue to be a priority for quite some time. Companies are busy beefing up the tools and resources needed to thwart ransomware. They are buying intrusion response tools and services, extended or managed detection and response suites, security information and event management platforms, antivirus, anti-malware, next-generation firewalls, and more, including cybercrime insurance policies.

What may be missing in the spending frenzy, however, are some fundamental basics that can certainly lower the fear factor. Backup tools are an essential ingredient in being able to swiftly recover from ransomware or other attacks. Similarly, thorough and timely patch management greatly lowers the risk of hackers finding a way into the enterprise via an unpatched vulnerability.

Another smart purchase is software that scans data and backups to ensure that no ransomware or malware is hidden inside. It is not uncommon for a ransomware victim to conduct a restore and find that its backup files have also been corrupted by malware. Cleansing data that is ready to be backed up has become critical. These are some of the fundamental basics that need to be in place in the fight against ransomware. Organizations that neglect them suffer far more from breaches than those that take care of them efficiently.

Adding an Air Gap
Another fundamental basic is the elegantly simple air gap. When data is stored in the cloud, on disk, or in a backup appliance, it remains connected to the network. This leaves it vulnerable to unauthorized access and infection from bad actors. An air gap is essentially a physical gap between data and the network. It disconnects backed up or archived data from the Internet.

Such a gap commonly exists by partitioning in, or removing tapes from, an automated tape library and either storing them on a shelf or sending them to a secure external service provider. If that data is properly scanned prior to being backed up or archived to ensure it is free of infection, it offers certainty that a corruption-free copy of data exists. If a ransomware attack occurs, the organization can confidently fall back on a reliable copy of its data – and avoid any ransom demands.

Effectively Combatting Ransomware
There is no silver security bullet that will 100% guarantee freedom from ransomware. It is truly a multi-faceted strategy. Implementation of best-of-breed security tools is certainly necessary. But they must be supported by the steadfast application of backup and patching best practices and the addition of a tape-based air gap.

CISA, the FBI, and cybersecurity insurance companies all recommend offline, offsite, air-gapped copies of data. This can be achieved cost-effectively with today’s removable, and highly portable modern tape technology. The boards of publicly traded companies will likely want to do whatever it takes to demonstrate compliance with best practices to meet the SEC requirements. This should include air-gapped tape as part of a prudent and comprehensive strategy. A best practice in these cybercrime times, indeed!

 

Read More

5 Ways an Active Archive can Mitigate the Risk of Ransomware

Reading Time: 2 minutes

December 27, 2021

By Rich Gadomski

As we head into 2022, I recall a quote from an IT industry executive who said in his 2021 predictions: “Ransomware is just in its infancy”.  Indeed, ransomware reigns as today’s chief malware threat with no signs of subsiding anytime soon. Businesses may lose revenue, employee talent, customers, and even shut down from a ransomware attack. Coupled with the ransomware problem, exponential data growth challenges organizations with gathering, storing, and protecting their data cost-effectively with limited budgets. Strong data governance through active archive solutions helps organizations mitigate ransomware attacks and provides a framework for strategically managing their data growth.

A New White Paper by DCIG

In a recently published white paper by the Data Center Intelligence Group (DCIG), commissioned by the Active Archive Alliance, it is stated that active archiving solutions offer permanent and long-term protection for archived data against malicious intrusion as well as accidental data loss or corruption.

The report highlights numerous ways that active archive solutions can provide ransomware mitigation including:

  1. Protecting archive data from modification. WORM (write once, read many) and retention management features keep archived data safe from malicious encryption or overwrite.
  2. Replicating archived data and securing offline storage. Active archive solutions may secure archived data through offline storage, providing an air gap defense that removes the data from the network where it cannot be attacked. Archived data may be replicated for additional protection.
  3. Replicating data to a secure cloud. Data remains online in a secure cloud, protecting it with security features like Secure Socket Layers (SSL) encryption and multi-factor user authentication.
  4. Supporting 3-2-1 data archiving. The 3-2-1 model maintains three replicated copies stored on two different storage types, such as a disk-based backup system, a secure cloud platform, and online or offline tape.
  5. Enabling rapid recovery. The more data sets that reside in primary storage, the greater the opportunity for hackers. Active archiving minimizes attack opportunities in primary storage by identifying and moving inactive files to secure cloud and offline archives. This approach leaves fewer data sets to test and recover on primary storage and primary backup, speeding up recovery with minimal business impact.

Let’s hope 2022 does not represent the “terrible 2s” as ransomware matures from its infancy. But if it does, it’s good to have strategic solutions like an active archive that help manage both the data and the threat!

Download the full report here: Mitigating Ransomware through Active Archive Solutions

 

Read More

LTO-9 Coming to Market at the Right Time with the Right Features to Address the Many Challenges Facing IT Today

Reading Time: 5 minutes

September 9, 2021

By Rich Gadomski, Head of Tape Evangelism

As recently announced by Fujifilm, LTO-9 has arrived and is available for immediate delivery. It certainly comes at a time when the IT industry is so challenged to manage rampant data growth, control costs, reduce carbon footprint and fight off cyber-attacks. LTO-9 is coming to market just in time to meet all of these challenges with the right features like capacity, low cost, energy efficiency, and cyber security.

What a Great Run for LTO
First of all, it is remarkable to look at how far LTO Ultrium technology has come since its introduction. LTO made its market debut in 2000 with the first generation LTO-1 at 100/200 GB native/compressed capacity with 384 data tracks. Transfer rate was just 20 MB native and 40 MB compressed per second. Fast forward 21 years to the availability of LTO-9 now with 18/45 TB native/ compressed capacity on 8,960 data tracks, with transfer rate increasing to 400 MB per second, 1,000 MB per second compressed! In terms of compressed capacity, that’s a 225X increase compared to LTO-1. Since 2000, Fujifilm alone has manufactured and sold over 170 million LTO tape cartridges, a pretty good run indeed.

Capacity to Absorb Bloated Data Sets
We are firmly in the zettabyte age now and it’s no secret that data is growing faster than most organizations can handle. With compound annual data growth rates of 30 to 60% for most organizations, keeping data protected for the long term is increasingly challenging. Just delete it you say? That’s not an option as the value of data is increasing rapidly thanks to the many analytics tools we now have to derive value from it. If we can derive value from that data, even older data sets, then we want to keep it indefinitely. But this data can’t economically reside on Tier 1 or Tier 2 storage. Ideally, it will move to Tier 3 tape as an archive or active archive where online access can be maintained. LTO-9 is perfect for this application thanks to its large capacity (18 TB native, 45 TB compressed) and high data transfer rate (400 MB sec native, 1,000 MB sec compressed).

Lowest TCO to Help Control Costs
Understanding your true total cost of ownership is of vital importance today as exponential data growth continues unabated. The days of just throwing more disk at storage capacity issues without any concern for cost are long gone. In fact, studies show that IT budgets on average are growing at less than 2.0% annually yet data growth is in the range of 30% to 60%. That’s a major disconnect! When compared to disk or cloud options, automated tape systems have the lowest TCO profile even for relatively low volumes of data less than one petabyte. And for larger workloads, the TCO is even more compelling. Thanks to LTO-9’s higher capacity and fast transfer rate, the efficiency of automated tape systems will improve keeping the TCO advantage firmly on tape’s side.

Lowest Energy Profile to Reduce Carbon Footprint
Perhaps of even greater concern these days are the environmental impacts of energy-intensive IT operations and their negative effect on global warming and climate change. You may have thought 2020 was a pretty bad year, being tied for the hottest year on record with 2016. Remember the raging forest fires out West or the frequency of hurricanes and tropical storms? Well, it turns out 2021 is just as bad if not worse with the Caldor Fire and Hurricane IDA fresh in our memory.

Tape technology has a major advantage in terms of energy consumption as tape systems require no energy unless tapes are being read or written to in a tape drive. Otherwise, tapes that are idle in a library slot or vaulted offsite consume no energy. As a result, the CO2 footprint is significantly lower than always on disk systems, constantly spinning and generating heat that needs to be cooled.  Studies show that tape systems consume 87% less energy and therefore produce 87% less CO2 than equivalent amounts of disk storage in the actual usage phase. More recent studies show that when you look at the total life cycle from raw materials and manufacturing to distribution, usage, and disposal, tape actually produces 95% less CO2 than disk.  When you consider that 60% to 80% of data quickly gets cold with the frequency of access dropping off after just 30, 60, or 90 days, it only makes sense to move that data from expensive, energy-intensive tiers of storage to inexpensive energy-efficient tiers like tape. The energy profile of tape only improves with higher capacity generations such as LTO-9.

 

A Last Line of Defense Against Cybercrime
Once again, 2021 is just as bad if not worse than 2020 when it comes to cybercrime and ransomware attacks. Every webinar you attend on this subject will say something to the effect of: “it’s not a question of if; it’s a question of when you will become the next ransomware victim.” The advice from the FBI is pretty clear: “Backup your data, system images, and configurations, test your backups, and keep backups offline.”

This is where the tape air gap plays an increasingly important role. Tape cartridges have always been designed to be easily removable and portable in support of any disaster recovery scenario. Thanks to the low total cost of ownership of today’s high-capacity automated tape systems, keeping a copy of mission-critical data offline, and preferably offsite, is economically feasible – especially considering the prevalence of ransomware attacks and the associated costs of recovery, ransom payments, lost revenue, profit, and fines.

In the event of a breach, organizations can retrieve a backup copy from tape systems, verify that it is free from ransomware and effectively recover. The high capacity of LTO-9 makes this process even more efficient, with fewer pieces of media moving to and from secure offsite locations.

The Strategic Choice for a Transforming World
LTO-9 is the “strategic” choice for organizations because using tape to address long-term data growth and volume is strategic, adding disk is simply a short-term tactical measure. It’s easy to just throw more disks at the problem of data growth, but if you are being strategic about it, you invest in a long-term tape solution.

The world is “transforming” amidst the COVID pandemic as everyone has to do more with less and budgets are tight, digital transformation has accelerated, and we are now firmly in the zettabyte age which means we have more data to manage efficiently, cost-effectively, and in an environmentally friendly way. The world is also transforming as new threats like cybercrime become a fact of life, not just a rare occurrence that happens to someone else. In this respect, LTO-9 indeed comes to market at the right time with the right features to meet all of these challenges.

Read More

Top 7 Questions Cyber Insurance Companies Will Ask Applicants Seeking Risk Protection from Ransomware and Top 5 Best Practices to Qualify

Reading Time: 4 minutes

June 22, 2021

By Rich Gadomski, Head of Tape Evangelism

With the recent high-profile cases of ransomware hitting the news cycle like Colonial Pipeline, JBS and others, it appears ransomware is not going away anytime soon and may just be in its infancy. Ransomware is a lucrative business model for cybercriminals with ransom demands that can reach into the millions of dollars as was the case with Colonial ($4.4 M) and JBS ($11.0). Ransomware-as-a-Service (RaaS) is making the barriers of entry extremely low, so we can expect to see more bad actors entering the business and more attacks across every industry.

The sense of urgency is ratcheting up as the C-suite is clearly focused on cybersecurity. I was speaking to one customer about deploying offsite/offline backup tapes as an air gap who said “Cybersecurity is the top focus for us in the next six weeks. We need to act fast”. In addition to shoring up cybersecurity plans, or putting key components in place, the notion of acquiring cyber insurance is cropping up and no doubt is also on the C-suite agenda.

So what is Cyber Insurance?

Cyber insurance, also referred to as cyber-liability insurance, seeks to help companies recover and mitigate the damage from cyberattacks such as ransomware, data destruction or theft, extortion demands, denial of service attacks, etc. This class of insurance has been around since the early 1990s and is rapidly evolving and growing in terms of revenue for insurance companies. One report I came across pegged the market for this type of insurance at $3.15 B in 2019 and is expected to rise to over $20 B by 2025. According to another report, about a third of all large U.S. companies carry cyber insurance.

Typical corporate insurance policies for general liability and property damage most likely don’t cover cybercrime, so cyber insurance has become a stand-alone offering specifically suited for cybercrime protection. Depending on the policy, below are just a handful of items that typically may be covered:

  • Incident response costs related to restoring systems to pre-existing conditions
  • Recovery cost of data or software that has been deleted or corrupted
  • The cost of cyber extortion including the negotiation and execution of ransom payments
  • Lost profits due to IT system downtime
  • Financial theft or fraud arising from the cyber attack
  • Physical asset damage
  • Data privacy liability

(more…)

Read More

Whiteboard Video: Using Artificial Intelligence in Cybersecurity

Reading Time: < 1 minute

April 29, 2020

Ransomware continues to threaten the security of enterprise IT infrastructures. In this Fujifilm Summit video, storage analyst George Crump talks to IBM’s Chris Bontempo about how artificial intelligence and machine learning are helping improve cybersecurity by identifying and stopping potential threats.

Watch the video here:

Read More

It’s Just a Matter of Time, as Storage Demands Rise

Reading Time: 2 minutes

Rich Gadomski
Vice President of Marketing
FUJIFILM Recording Media U.S.A., Inc

I recently returned from a speaking opportunity at the PRISM Conference held in Miami on May 8thand 9th where I spoke on the Role of Tape in Today’s Modern Offsite Storage Center. In addition to holding and protecting valuable data tape cartridges for archive, backup, and disaster recovery applications, offsite vaults also play a crucial role in providing an “air gap” against cyber criminals and their alarming malware and ransomware variants. Because of tape’s powerful value proposition, it provides this functionality particularly well. It’s easily portable, has the lowest total cost of ownership, is the most reliable storage medium today, and has long archival life and high capacity.

The audience, which included many regional data vault service providers from the U.S. and abroad, didn’t have to take my word on the value prop of tape. I backed it up with studies from leading IT research companies and articles from reliable publications such as the Wall Street Journal. I sprinkled in some news about tape usage from folks like Microsoft Azure. Finally, I detailed the bright future tape has based on its ability to continue to increase in areal density which will ensure increasing capacity and cost competitiveness without sacrificing performance, thanks in part to Fujifilm’s Barium Ferrite and Strontium Ferrite magnetic particle technology.

At the end of my presentation, during the Q&A, I got the following response and question: “Tape sounds great, how come we don’t see more tape volume flowing into our vaults?” One reason for this would be the increasing data densities of tape which would reduce unit volumes. Understandably this is not great for the vault service providers, but this is actually a great benefit for end users; they can store more data on fewer units. Another factor to consider is the ever-increasing popularity of cloud storage over say, the past five years. We have seen a move from on-premises, do-it-yourself storage to outsourced cloud services. This is especially true among startups and SMBs and specific verticals where the cloud can provide unique functionality such as compute and file sharing.

But as the world turns ever so slowly, so do market conditions. Now that data storage pros have gotten comfortable with what the cloud can do, they are also starting to understand some of the downsides such as high TCO associated with egress fees and bandwidth. Security concerns might be mounting too in light of escalating cybersecurity breaches.

So at some point, tape will make sense again for many of the folks who tried cloud, considering TCO, budget constraints and the need for air gap. It’s just a matter of time, as long as demand for storage keeps rising based on relentless data growth.  And so long as the hackers don’t quit on the highly profitable multi-trillion dollar business of cybercrime.

Read More

Tape Air Gap Provides Defense Against Cybercrime

Reading Time: < 1 minute

According to Juniper Research, cybercrime is expected to become a $2.1 trillion problem by 2019. Using tape-based, offline storage creates an “air gap” that can prevent hackers from accessing your data. In this video, Fred Moore, president of Horison Information Strategies, explains the benefits of tape storage for data security. 

Read More

LET’S DISCUSS YOUR NEEDS

We can help you reduce cost, decrease vendor lock-in, and increase productivity of storage staff while ensuring accessibility and longevity of data.

Contact Us >