Threats to Data Security Will Drive Data Management Changes in 2023
As enterprises collect more data, they’re increasingly the target of ransomware. Enterprises will need to focus on two key trends to keep their data safe.
- By Surya Varanasi
- December 7, 2022
Ransomware isn’t just targeting large enterprises anymore. Today’s cyberattacks are aimed at businesses of all sizes -- and individuals. We look at two key trends from 2022 that drew the attention of enterprises no matter what their revenue, and two important trends in 2023 that will drive how they respond to the growing threats.
2022 Trends
Trend #1: Ransomware goes after small and mid-sized companies
Although small and mid-size businesses (SMBs) suffer from similar IT and business pain points as their enterprise counterparts, their budgets for acquiring innovative technology and the manpower available to manage it can differ greatly. For example, data protection and security remained a top priority across SMBs and enterprises alike, especially in the face of an ever-escalating ransomware threat. What we saw over the past year was SMBs seeking solutions that offered enterprise capabilities, but could be delivered in smaller, more affordable, easier-to-manage form factors.
As a result, many vendors recognized that one size does not fit all and instead offered enterprise-class features such as in-line compression, data-at-rest encryption, intelligent data backup, cloud connectors, and anomaly detection at sizes and prices ideal for SMBs as well as enterprise edge use cases (which embody many of the characteristics and resource constraints as SMBs).
Trend #2: More enterprise workloads require top performance
Enterprises are adopting real-time applications that collect, analyze, and act on streaming data as it happens. As a result, innovative all-flash, non-volatile memory express (NVMe) platforms entered the market, engineered from the ground up with the superior performance, capacity, and flexibility necessary to address these apps’ speed requirements.
In addition, with ransomware remaining top of mind, the prevailing NVMe platforms this year also offered built-in features and functionality critical for ensuring data security, regulatory compliance, and fast recovery from ransomware attacks.
2023 Trends
Given what’s happened in 2022, enterprises need to keep their eyes focused on the following two trends.
Trend #1: Ransomware will become increasingly aggressive
This aggression won’t just be from a commercial standpoint, but from a nation-state warfare perspective as well. Verizon’s 2022 Data Breach Investigations Report reminded us how this past year illustrated
... how one key supply chain incident can lead to wide-ranging consequences. Compromising the right partner is a force multiplier for threat actors. Unlike a financially motivated actor, nation-state threat actors may skip the breach altogether and opt to simply keep the access to leverage at a later time.
For this reason, channel solutions providers and end users will prioritize data storage solutions that can deliver the most reliable, real-world-proven protection and security. Features such as lockdown mode, file fingerprinting, asset serialization, metadata authentication, private blockchain, and robust data verification algorithms will transition from nice-to-have to must-have. Immutability will become a ubiquitous data storage feature. Solutions that do not offer these attributes -- and more -- won’t even come close to making it onto any organization’s short list.
Trend #2: Consumer attitudes towards online security and privacy will heighten
Although enterprises getting hacked and hit by ransomware continue to make the headlines, cybercriminals have begun to hit not just enterprise businesses with deep pockets but SMBs and individuals. SMBs and individuals are actually far more vulnerable to successful attacks because they do not have the level of protection that larger enterprises have the budgets to employ. As work from home and work from anywhere remain the paradigm for many across the data and analytics field, they will require data protection and security solutions that can protect them wherever they are.
In the coming year, the ideal cybercrime defense will be a layered defense that starts with a powerful password and continues with unbreakable backup. As mentioned, backup has become today’s cyber criminals' first target via ransomware and other malware. An unbreakable backup solution, however, can provide users with two of the most difficult hurdles for cyber criminals to overcome: immutable snapshots and object locking.
Immutable snapshots are, by default, write-once read-many (WORM), but in the coming year sophisticated yet easy-to-manage features such as encryption (where the encryption keys are located in an entirely different location than data backup copies) will become standard.
To further fortify the backup and thwart would-be criminals in the coming year, we will see users leveraging object locking so that data cannot be deleted or overwritten for a fixed time period -- or even indefinitely.
About the Author
Surya Varanasi is the CTO at StorCentric. In his career, Varanasi co-founded Vexata and served as vice president of R&D at EMC where he was responsible for the VIPR data platform, SRM (storage resource manager), AppSync (snapshot management), UIM (VCE) and Smarts network management. Before EMC, Surya was VP of R&D at VMware where he managed ESXi, vCenter and the Graphics teams. He has over 30 patents in the fields of networking, storage, and video stream processing. You can reach the author via email or LinkedIn.