There has been a major shift in the threat landscape, with the emergence of ransomware-as-a-service. The first step taken by threat actors is to knock out an enterprise’s ability to recover from an infection, by exploiting vulnerabilities in storage and storage management configurations.
A hacked storage system is the equivalent of hacking two hundred servers!
This greatly improves the incentive for enterprises to pay the ransom, after the critical data is exfiltrated and then encrypted. And it has significant implications for CISOs and Heads of Storage and requires a drastically different approach to cybersecurity.
Storage also plays a critical role in the ability to recover from a cyberattack, since storage is where replicas, snapshots and backups are kept.