In July 2025, Microsoft issued an advisory warning stating that a SharePoint vulnerability had been discovered and was actively being exploited. More than 9,000 organisations worldwide using SharePoint Server have been affected by this security breach. Attackers used server-side privileges to tamper with the machine keys and bypassed authentication methods in order to carry out the attacks. For many companies, SharePoint is mission‑critical for cross‑team document collaboration. When it’s compromised, sensitive data can leak, ransomware can spread, and core operations can stall.
This incident highlights the need to reevaluate and optimise data protection strategies. Prevention alone isn’t enough. You need the ability to recover fast, clean, and with confidence. That’s what cyber resilience delivers.
How a multi-layered defence strategy can help enterprises face a crisis
Using the recent Microsoft SharePoint cybersecurity incident as an example, attackers didn’t strike directly; they exploited a vulnerability from a third-party vendor to steal credentials and then infiltrate the SharePoint system. Companies serious about resisting cyberattacks can no longer rely solely on firewalls or antivirus tools. Instead, organisations must adopt a multi-layered security approach that includes endpoint security, network segmentation, data encryption, access controls, behavioural detection, and backup methods. They must also impose strict requirements on the vendors to ensure they meet cybersecurity standards, regularly undergo security assessments and audits, and establish clear security compliance regulations.
Let’s take a look at some key features and their importance as part of the overall cybersecurity strategy:
Strengthen your endpoint security
Deploy Endpoint Detection and Response (EDR) solutions as well as antivirus software to
proactively block threats. Hackers often start by attempting to breach a single endpoint. Once breached, they may cause the entire system to come under attack.
Secure your networks
Implement network segmentation as well as firewalls to isolate critical systems. With Intrusion Detection System (IDS) and Intrusion Prevention System (IPS), you can analyse traffic, detect anomalies, identify insider threats, and immediately intercept suspicious network connections.
Safeguard your data
Reduce the risk of data leaks by encrypting personal and proprietary data. Pair encryption along with Data Loss Prevention (DLP) to prevent sensitive data from being copied, exported, or uploaded.
Implement role-based access controls
Enforce zero-trust and least-privilege access principles, along with multi-factor authentication (MFA), to prevent identity theft. Integrate Single Sign-on (SSO) and Identity & Access Management (IAM) to centrally manage identities and permissions.
Monitor and identify threats
Leverage Security Information and Event Management’s (SIEM) advanced analytics to collect and analyse security events, block abnormal data access, and proactively spot emerging threats that may indicate any upcoming attacks.
Routinely update and patch systems
Update software and hardware with patches regularly to defend against evolving cyber threats. Fix existing vulnerabilities and optimise system security for the long term.
Perform backups and recovery
Back up critical data regularly and safeguard multiple versions and off-site copies of your data. By relying on backups, companies can avoid paying a ransom and minimise damage in the event of a ransomware attack.
The key to cyber resilience: Business continuity and data recoverability
Backups are often regarded as the last line of defence. When everything else fails and your data is encrypted or even deleted, backups are the only way a business can restore its operations. To strengthen its cyber recovery, a company must back up all operational data, enhance data isolation, and regularly verify backup recoverability.
As enterprises today operate with a diverse range of platforms and tools, any protected workload becomes a vulnerability waiting to be exploited by ransomware. When platforms and data stored on them are linked together, companies must ensure that no backups are left behind and that the source and device are included in the backup strategy.
Implementing a cyber-resilient architecture is essential, as businesses cannot rely solely on a single defense mechanism. Synology, a leading provider of data protection solutions, recommends that companies leverage data isolation techniques such as immutability and offline backups. Immutable backups ensure that data cannot be changed or deleted during the retention period, reducing the risk that backup servers are compromised. Offline backups are physically isolated and inaccessible from external networks, lowering the risk of ransomware infiltration while minimising the risk of security loopholes due to human errors.
Merely backing up your data isn’t enough. The key is to verify data usability. Without verifying backup integrity, companies face the risk of being unable to restore their backups when needed, even though they exist. Organisations should implement backup verification and disaster recovery drills as standard operations and use solutions that come with built-in support for these features to recover operations immediately in the event of a ransomware attack.
You can’t prevent every breach. But you can make sure your business survives one. Combine layered defence with isolation, immutability, and verified recovery. That’s real cyber resilience – the difference between a multi‑week outage and a confident comeback.
Learn more about securing your data: https://sy.to/ok1jq
Contact Synology for your inquiries: https://sy.to/1whvg
