StorageGuard - by Continuity™ - is the ONLY Security Posture Management solution for Storage & Backups, helping to ensure these systems are securely configured, and compliant with industry & security standards.
The financial industry is rightfully alarmed by the increase in both the amount and sophistication of data-centered attacks – primarily ransomware.
We’ve all read the news. This is no longer a question of if, but how.
When an organization’s data is compromised, the last line of defense is its storage and backup environments. The fact that so many financial services organizations eventually choose to pay the ransom simply because they see no other solution, leads to serious concerns regarding the industry’s storage and backup security maturity.
But how do security teams prepare for these rising risks?
Sometimes the best way for CISOs to plan ahead is by first knowing enough about rising trends and following the influencers.
CISO MAG & Continuity Security Intelligence Report – the first of its kind – has just been released, revealing key trends in storage and backup security management. Sampling 200 security experts from financial services firms and banks from 45 countries, the survey is the result of a collaboration between Continuity and CISO MAG.
Topics surveyed:
In search of structured analysis of the market maturity, challenges, and gaps, we were shocked to discover that too little work was done.
Nearly 70% of respondents believe an attack on their storage environment will have ‘significant’ or ‘catastrophic’ impact.
In the financial and banking industries, digital data worth may be so high that a well orchestrated attack on both storage and backup could wipe out a significant amount of the organization’s value, potentially affecting entire economies.
Confidence among security teams is usually derived from technical capability, availability of resources and infrastructure, and proven compliance with industry standards.
When asked about the level of confidence in the organization’s ability to recover data in the event of a ransomware attack, almost 60% of respondents mentioned that they are not confident in their ability to recover from such an event.
Financial services is one of the most heavily regulated industries. Audits are performed both internally and externally and tend to evolve year-over-year based on advances in technology, industry regulation changes, and shifts in the threat landscape.
It was interesting to learn how pervasive storage and backup security controls have become, as part of IT auditing. In fact, more than two-thirds of respondents identified securing storage and backup being specifically addressed in recent external audits.
We all know that establishing a focus area for vulnerability assessment and management processes is an effective step towards strengthening an organization’s information security. Therefore, the fact that storage and backup are low on the list of priorities (the two least focused upon points) definitely shows there is a gap we, as an industry, need to close.
Maybe this finding is not that surprising given the fact that data storage, backup, and recovery management have always been demanding tasks.
However, given that storage and backup compromise are at the heart of all current ransomware kits, surely the time has come for us to boost our knowledge – as well as our strategies – in protecting and hardening our storage and backup systems.
Storage and backup security is an evolving practice. Given how lucrative organizational data and its growing business value have become, it is important to realize that we are all in an arms-race with cyber criminals.
The honest feedback provided by the participants of this survey shows that there is still much to be desired. Most financial services firms and banks have not yet reached a satisfactory level of storage and backup maturity.
The 5 key opportunities for improvement include:
…and much more.
Read the full report to learn more
It’s time to automate the secure configuration of your storage & backup systems.
Virtual Panel with Check Point, Qualys and Rapid7: Vulnerability Management 2025 Innovations – January 16
Register