One issue is probably to blame for your IT outages and data losses – and it’s not hackers

Facing the unique challenges of a ransomware attack
Lester Godsey, chief information security officer in Mesa, AZ, discusses how ransomware attacks have changed in the past few years and how to adapt to those changes.

A hardware failure is most likely to cause unexpected downtime or data loss, but the damage caused by security threats like viruses and ransomware continue to rise.

Broken equipment and human error remain the top causes of data loss over the last 12 months, while hardware failures, connectivity issues and problems caused by upgrades or patching were blamed as the biggest causes of downtime in a survey of 400 IT decision-makers.

But while those reasons for outages have held reasonably stable over the years, outages and data loss caused by cyber attacks have jumped significantly according to the survey by security company Databarracks.

"The stats paint a clear picture of rising cyber incidents. Cyber attacks as a cause of downtime have doubled since 2016. They have almost doubled as the cause of data loss. This trend will continue," the report said.

Looking into the detail of cyber incidents, while virus attacks remain the most common threat, they are apparently declining. "The arc of virus infections -- starting at 25% in 2016, rising to a high of 48% and then decreasing to 40% today -- symbolises the constant tug of war between cyber security and criminal actors," the report said, somewhat poetically.

Ransomware incidents have increased again this year after a slight decline last year. The survey found that 28% of companies said they were affected by ransomware, closely followed by phishing attacks.

Against this background of failures and outages, half of respondents said they had tested out elements of their disaster recovery in the last12 months, while another quarter said they had plans. But it also seems that responsibility for business continuity is rising up the organisation: operations, finance directors and managing directors are taking more responsibility for this from IT managers and CIOs.

Databarracks said that having a cyber incident response plan -- including recovery from backup -- is critical.

"When recovering from ransomware, your aims are to minimise both data loss and IT downtime. Outright prevention is not viable, so organisations should focus on organising their defensive and preventative strategies to reduce the impact of an attack," said the company's managing director Peter Groucutt.

Comments are closed.