AI surge heightening cyber threats, how should businesses respond?
Keeping AI safe from cyber-criminals
AI tools are rapidly widening the potential uses and transforming the value of corporate data, and with it, the price that cyber-criminals can get for it. Companies will remain highly vulnerable to these fast-emerging threats until they set up practical frameworks for ransomware protection and reduce the risk of becoming the cyber-criminal’s next victim.
Many organizations still rely on reactive measures or legacy tools to protect their data, such as traditional backups, of which 58% fail, or simply pay a ransom when an attack strikes. In 2023, nearly 73% of companies worldwide paid a ransom to recover data. Not only is this approach costing businesses significant amounts (the median payment is around $350,000), but paying up doesn’t signify the end of disruption, it often still takes organizations weeks or months to recover their data.
It’s clear that traditional backup or making ransom payments do not deliver the robust and rapid response to ransomware that organizations require as AI starts to transform the threat landscape. In fact, recently there have been calls to ban ransom payments for the very reason that they’re effectively funding the next stage of cyber-criminals' malicious activity, and are actually inadequate in helping organizations to recover from data theft or file encryption during an attack.
The true solution lies in a strategy of protect and detect to achieve complete cyber resiliency. This means organizations need better understanding of the risks to their critical data, the need for proactivity to detect and contain ransomware attacks’ effects, and solutions that can deliver timely and effective data recovery and also avert costly downtime for the organization.
Chief Evangelist at Nasuni.
Realizing critical data risks
Today’s 24/7 business operations demand that key questions about the risk to critical data and recovering from attacks are addressed before ransomware hits. Truly understanding key vulnerabilities will ensure businesses can deliver a comprehensive ransomware ecosystem and protect vital business data.
Questions to explore include:
- How much time will it take to discover the attack? How much data could be encrypted or exfiltrated during that time window?
- Can you recover your data? How do you know whether you are able to recover?
- How much time will it take to: a) find what needs to be recovered and b) perform the actual recovery operation?
- What is the possible data loss due to an infrequent backup schedule?
- Does your data protection strategy scale? How quickly can you recover Petabytes of data and/or millions of files?
Proactivity is key, and ransom isn’t an option
Ransomware attacks are evolving so fast that they present a growing threat to organizations' business-critical data. Organizations' shift to hybrid working arrangements and reconfiguring of supply chains during the pandemic increased the range of attack vectors for criminal gangs. It is down to companies and public bodies themselves to adopt more robust methods to detect ransomware attacks earlier, strengthen their protection against them, and recover more rapidly from them.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Although many industries are realizing through bitter experience that the size of the initial ransom demand is often dwarfed by the overall costs of secondary and tertiary attacks – such as criminals auctioning off sensitive customer data on the dark web – CEOs might not be aware that the tools to prevent entire file systems being locked up or data stolen by criminals in the first place are available to their IT teams now.
Implementing a timely and effective ransomware response
Businesses must adopt an active approach to detect and protect against ransomware. This approach halts an attack’s progress, avoids the need to pay a ransom, and enables them to recover rapidly.
Cloud-based tools are already on the market enabling companies to protect their businesses by identifying live threats at the edge of their networks and quarantining ransomware to stop it from getting to their critical data. However, it’s key to understand that ransomware is constantly evolving, so even the most advanced detection technology may not offer complete detection and containment of the latest ransomware developments.
This is why a comprehensive solution is required, one that can detect attacks early and assist with the protection of business-critical data and its rapid recovery. These tools go beyond traditional backup by storing immutable copies of data that businesses can immediately dial back to the second before an attack hits, providing that instant response and recovery, not the weeks or months it frequently takes to assess entire file systems to identify the damage, and then potentially get data back.
True cyber resilience is key to keeping AI data safe
Ransomware exploits are endemic but the tools to prevent criminals from locking up entire file systems and then naming their price, are available. With AI tools rapidly transforming the potential uses of business-critical data, and the amount that cyber-criminals can extract from their victims for it, organizations need multiple security gates, better employee education on fast-evolving security risks and mitigations such as point-in-time recovery of company files.
To achieve data readiness, companies will need to assess their data, consolidate it, and secure these unified information sources, to ensure they have full control of their datasets and who uses them in AI applications. And company executives must realize the stark reality that paying a ransom only funds the perpetrator’s next exploit.
We've featured the best business VPN.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
Russ Kennedy is Chief Evangelist at Nasuni.