Time for AI: Standard backups are no longer enough

By Ezat Dayeh, Cohesity
Cohesity’s Senior Systems Engineering Manager, Western Europe Ezat Dayeh on the importance of AI when protecting data
Ezat Dayeh

New ransomware variants destroy backup data before they encrypt production data. Therefore, companies need intelligent security solutions in combination with secured data that cannot be changed.

In some ways, the competition between cybercriminals and security experts resembles the famous race between hare and hedgehog. At first, hackers primarily encrypted production data. Companies fought back with solutions that allowed data to be restored quickly via backups. 

Then the attackers shifted to destroying or encrypting backups. IT countered with immutable backups. Now the criminals are pulling data and threatening to publish it on the dark web. As a result, companies are once again faced with the question of how to adequately secure their data. 

AI instead of traditional tools

Many conventional or legacy tools only detect attacks using known virus signatures, IP addresses or attack patterns. However, they often cannot detect and defend against new types of attacks from unknown sources. 

To defend against current attacks, companies should therefore also deploy next-gen data management solutions with built-in artificial intelligence and machine learning (AI/ML) capabilities. These technologies can be used to trigger alerts that can notify the IT data admin when the backup data changes or ingest rates fall outside the norm based on historical trends -- all of which could indicate an attack has taken place. The capabilities can also indicate, for example, when a user accesses large amounts of sensitive data at unusual times. Integration with security orchestration, automation and response (SOAR) platforms can then be used to trigger defensive measures or further authentication via an additional factor.

Companies should complement this with integrated data security and data governance solution. They can then use AI/ML systems to classify their data to identify sensitive information - including personal data. Only when it is known what sensitive data is stored where can it be determined who has access to it to protect it from attack. Data classification with predefined guidelines, such as for the DSGVO, makes compliance easier.

Immutable backups

Despite all precautions, a data theft or ransomware attack can be successful. In this case, companies need the ability to restore data quickly. But the backups must not have been altered beforehand, for example through unwanted encryption or deletion by an attacker. Therefore, it’s critical that customers embrace next-gen solutions that offer immutable backup snapshots. Immutability helps ensure that no unauthorised user or application can modify the ‘gold’ copy of the backup. Any attempts to modify the ‘gold’ copy will automatically create a zero-cost clone.     

If this feature is embedded from the start, the original copy of the data is safer from unwanted manipulation. In addition, it is recommended to activate DataLock in the backup policy. The snapshot is then provided with a time-limited lock that even the security officer cannot delete.

For even greater security, look for solutions that provide data on the frequency of files accessed, and the number of files that are modified, added to, or removed by a particular user or application.

There is also the option to store an isolated copy in an externally managed data vault. This makes data even more resistant to ransomware attacks. In addition to immutability, this gives companies another way to protect themselves from attackers who want to encrypt data.

Last but not least, in the event that you are attacked, recovering quickly is the name of the game. Therefore, look for next-gen data management solutions that offer instant mass restore capabilities so that you can minimise downtime while keeping your brand intact and your customers happy. 

Relying on traditional backups as insurance is no longer enough. Modern systems offer AI/ML solutions to detect and defend against even novel attacks. Should they still succeed, immutable backups can help enable fast and reliable data recovery. 

Share
Share

Featured Articles

Upskilling Global Workers in AI with EY’s Beatriz Sanz Saiz

We speak with Beatriz Sanz Saiz, EY Global Consulting Data and AI Leader, about how AI shapes the global workforce and how EY is harnessing ethical AI

Intuitive Machines: NASA's Odysseus bets on Private Company

Discover more about the small private company that landed the first US spacecraft on the moon in 50 years, with NASA continuing to test new technologies

Unveiling Gemma: Google Commits to Open-Model AI & LLMs

Tech giant Google, with Google DeepMind, launches Gemma, consisting of new new state-of-the-art open AI models built for an open community of developers

Sustainability LIVE: Net Zero a Key Event for AI Leaders

AI Strategy

US to Form AI Task Force to Confront AI Threats to Safety

AI Strategy

Wipro to Advance Enterprise Gen AI Adoption with IBM watsonx

AI Strategy