Stay in-the-know with all things storage & backup security,
vulnerability management, and ransomware protection
It’s all about the data. One thing is clear. The “business value” of data continues to grow, making it an organization’s primary piece of intellectual property. And from
In August, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint alert about the emergence of BlackSuit ransomware,
The Australian Cyber Security Centre (ACSC) has developed the Essential Eight, a set of baseline mitigation strategies designed to protect organizations against a wide range of
On July 29, a critical vulnerability in Acronis Cyber Infrastructure (ACI), tracked as CVE-2023-45249, was highlighted by CISA as being actively exploited by malicious actors. This
Organizations are increasingly outsourcing their storage and backup operations to managed service providers (MSPs). While this strategy can offer cost savings, it also introduces severe risks,
Configuration drift happens when the configurations of storage & backup systems and software deviate from a baseline or standard configuration over time. When this happens, it
Given the importance of backup and recovery systems in any organization, maintaining a comprehensive and up-to-date inventory of all backup infrastructure is critical. A general-purpose inventory
The integration between backup software and a disk array is crucial for implementing immutable backups. To achieve backup immutability, the backup software needs to leverage the
Since backups are becoming lucrative targets for cybercriminals, vendors like Cohesity, Commvault, Dell, Rubrik, Veeam and Veritas have responded with new ransomware protection features – including immutability.
Over the past few months there has been a significant increase in publicized attacks on storage & backup systems, e.g. You can read more about these
When it comes to backups, there’s an interesting debate as to whether you should connect your backup systems to Active Directory (AD) or not, and for
What is this about? This time-based attack happens when an attacker manipulates an insufficiently secure time sync configuration to trick the backup systems into thinking that “X” number
On September 27th, Johnson Controls International announced a massive ransomware attack that encrypted many of the company’s devices, including VMware ESXi servers. This impacted the company’s
In the world of cybersecurity, staying ahead of threats and vulnerabilities requires a multifaceted approach. Two prominent solutions in this field are StorageGuard and Rapid7 InsightVM. While both tools have distinct focuses, they also complement each other in ways that can significantly enhance an organization’s security posture. In this blog post, we will delve into the key features, benefits, and how these two solutions work together seamlessly.
StorageGuard’s security validation checks cover a wide range of system components, access controls, authentication mechanisms, encryption settings, monitoring configurations, and more. These checks are specifically tailored to ensure that Cohesity DataPlatform adheres to industry best practices and security standards.
To ensure compliance with DORA and to get ahead of the regulators, CISOs should take the following 6 steps to ensure that their storage and backup systems are secure and resilient
StorageGuard plays a critical role in your cyber resiliency strategy, by helping you increase usage & adoption of your existing data protection tools – and subsequently get more out of your current investment.
In the past two years, cybercriminals have become increasingly skillful at destroying the organizational backup first, only then locking the data – leaving victims no choice but to pay the ransom. Given how long this trend has been around, and the devastating impact of a successful attack, one would expect organizations would get things under control by now. If anything, the situation is worsening.
The ETC Program underscores Dell’s commitment to offer customers flexibility and choice with complimentary solutions such as StorageGuard for protecting their critical systems from cyberattacks and insider threats.
Cyber insurance provides a cushion to fall back on in a successful cyber-attack, providing coverage for damages caused by data loss.
Compliance with industry standards and regulatory mandates can absorb a huge amount of time. Organizations need to verify they comply with the different requirements of security frameworks and regulations such as CIS, NIST, PCI DSS, ISO, and others.
CISOs rely on information from across the organization about security, particularly from the various IT departments. Unfortunately, the information being fed to CISOs about the state of cybersecurity risk is incomplete. There is a blind spot present – a gaping hole.
2022 clearly demonstrated that attacks on data represent the greatest cyber-threat organizations face. The attack pace not only continued, it accelerated.
Gartner emphasized the need for much stricter security in a recent report. Gartner analyst Julia Palmer focused on emerging innovative storage and data protection technologies.
Here are just a few of the areas that must be considered to ensure thoroughness in verifying backup and storage compliance
Why storage managers need to prepare for the ransomware scourge?
Storage is becoming a prime target of cybercriminals as they attempt to infiltrate the enterprise. Faced with a wall of perimeter defenses, security safeguards, and well-patched
A lot of money is being spent to proof up the enterprise against intrusion. Ransomware protection is currently in the spotlight – and with good reason.
Introduction We analyzed data from a large number of storage risk assessments, to provide a unique insight into the state of storage security. The analyzed data
Background to the Gartner Hype Cycle For Storage & Data Protection The latest 2022 Gartner Hype Cycle report for Storage and Data Protection has just been published and
It’s all about the data. One thing is clear. The “business value” of data continues to grow, making it an organization’s primary piece of intellectual property.
The average cost of recovery from a ransomware attack has more than doubled in a year, according to a Sophos survey. The global report also shows
In the first of its kind, Continuity published a new report that provides an analysis of the vulnerabilities and security misconfigurations of enterprise storage & backup
Introduction When data is compromised, the last line of defense is your backup. In the past year, the tactics being used by cybercriminals have changed. And
I hear this a lot: “Why do I need to scan my storage & backup systems for security risks? Don’t my storage vendors already do this
Written by CISOs, for CISOs This article provides highlights from our ‘CISO Point of View: The ever-changing role of data, and the implications for data protection
Data plays an increasingly important role in the modern enterprise. With digitization, data comes much closer to the customer – with large amounts of data being
Cyberstorage gained more attention in the media in 2021 with the rise in data storage hacks, ransomware attacks, and cases of immutable storage erased. As these
A few words about the author: John Meakin is a seasoned and experienced CISO with more than 30 years of experience in various financial services companies,
In October 2021, Gartner published its “Innovation Insight for Cyberstorage Solutions to Protect Unstructured Data Against Ransomware.” We were thrilled to see the authors shine a light on the need to put active defenses around a company’s most valuable asset – the data it houses in storage and backup systems.
The financial industry is rightfully alarmed by the increase in both the amount and sophistication of data-centered attacks – primarily ransomware. We’ve all read the news.
Experience is the mother of wisdom, or so the famous proverb goes. And there’s definitely something to that: the more of life we’ve experienced, the more
A new critical vulnerability (CVE-2021-44228) was identified in Apache Log4J – widely used by numerous applications, services and frameworks. This vulnerability received the highest CVSS severity score of 10.
UnitedHealth Congressional Testimony Reveals Failed Backup Strategy The ransomware attack on UnitedHealth earlier this year is quickly becoming the healthcare industry’s version of Colonial Pipeline, prompting congressional