Cybersecurity, Ransomware, and Data Protection: a Discussion with Dr. John Meyers

Cybersecurity is a concern for employees at all levels of organizations today. Ransomware is a new type of malware that has exploded on the market. The US Government estimates that 4,000 attacks occur every day, while IBM estimates that the attacks increased 6,000% in 2016.

Ransomware is devious; after infecting an unsuspecting host, the software encrypts all data it can find in the IT infrastructure. Once encrypted, the data becomes inaccessible and the hacker demands money in return for the decryption key. Infected entities are left with a difficult decision:

1. Pay the hacker and hope that he/she provides the key and that the data is recoverable. There is no guarantee that either of these two things will happen. While the US Government discourages this strategy, 70% of businesses pay, making ransomware a profitable endeavor for hackers. (It is estimated that hackers earned $1 billion in 2016.)
2. Ignore the hacker’s request and look to other means to recover the encrypted information (typically relying on backup copies of data).

End users need to be aware of this risk and be prepared to respond when or if an infection occurs. In this video series, Actifio’s Chief Marketing Officer Brian Reagan interviews Actifio’s Chief Information Security Officer, John Meyers, discussing the challenges of ransomware and the strategies that can be used to prevent and recover from attacks.

Brian Reagan: “How does ransomware attack?”

Dr. John Meyers: “Ransomware is a type of malware that infects endpoints. In particular, people go out and maybe do something they’re not supposed to or even be tricked by an attacker who sends an attachment that comes from a vendor you do business with on a regular basis. Innocently, you open it up and it says you owe money from an invoice from a vendor you’d expect. Your Adobe PDF reader is not up to date so it exploits something in that application and it gets your workstation infected. Once it’s on there, it will go out to the internet, it will bring down its nasty payload and it will start encrypting the data that it can get to. It’s important to know we are not just talking about endpoints here.”

Brian Reagan: “Is there anything Actifio does uniquely when it comes to replication, that can prevent this type of spread of infection?”

Dr. John Meyers: “Absolutely, all types of replication have their purposes. There is no type of replication that is ‘one size fits all’ and we should all use it. People think synchronous replication is better because it’s so short but it really isn’t better. It certainly has its drawbacks and the biggest drawback of all is anything that happens on the descending side, the production side, immediately gets replicated to the remote side.”

Brian Reagan: “Based on the recent paper by Gartner, one of their best practice steps about having appropriate RPO and backup cadences for the different applications. It sounds like Actifio really meets a lot of that RPO flexibility based on the different ways to move data over the wire.”

Dr. John Meyers: “As I like to tell people, all data is not the same. If we look at an organization’s data, all data is not produced the same. There is some data that is pretty critical to the organization. We have to get that data back with the shortest RPO and RTO we can because the business depends on it.”

Brian Reagan: “One of the other things we have seen over the last year or so is the concern around cybersecurity of actual backup sets. Can you talk about how Actifio may play a role in that?”

Dr. John Meyers: “If you look through the history of backup, we started with tape backup. You protected your data by writing out to tape, put it in a box, a truck would come pick it up and then they’d stick it in a vault somewhere. You would be relatively assured that nobody is going to alter that data. The bad news is, if you want that data back, it’s going to take a long time to get it. So, we moved away from tape and now we are on disk. Now your backup is connected to the same network that you potentially are at risk for. But Actifio is not a traditional backup product, we are an enterprise data-as-a-service type appliance and we really pioneered what we call ‘copy data’.”

Brian Reagan: “I have heard the phrase ‘air gap’ used when it comes to an extra layer in the security in the data protection scheme. Can you tell us more about where it comes from and what’s driving this notion of an air gap?”

Dr. John Meyers: “Well, what we talked about earlier when you wrote out to tape, that is air gap. That’s where it actually comes from. You can’t actually get to those tapes that are locked away up in Iron Mountain’s vault. Now that we have online storage systems and backup systems or in our case an Enterprise data-as-a-service appliance, they’re still on the network. But what about the unknowns?”

Brian Reagan: “Not only are you a fellow and Chief Security Officer here at Actifio, you were a former customer of Actifio. To potential customers out there, what guidance or suggestions do you have in terms of evaluating Actifio as a platform?”

Dr. John Meyers: “Actifio is not a backup system, nor is it a test and development system, it is a unique breed of appliance originally known as copy-data. Actifio pioneered the solution and is today now Enterprise data-as-a-service. It is a unique entity.”

Source: https://www.actifio.com/company/blog/post/cybersecurity-ransomware-data-protection-discussion-dr-john-meyers-cybersecurity/