Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

CTRL-Z and the Changing Data Landscape

Published 05/18/2017

CTRL-Z and the Changing Data Landscape

By Mark Wojtasiak, Director of Product Marketing, Code42

The massive “WannaCry” ransomware attack that appeared in Europe last week and spread to over 150 countries is a perfect illustration of why enterprise data storage is in a period of flux. Today, organizations can choose to keep their data in the cloud, on-premise, or across both in a hybrid deployment. This variety of choice is great – it caters to pretty much every type of organization and allows IT decision makers to see where sensitive corporate information is at all times—right?

Wrong.

In 2017, 50 percent of all corporate data is actually held locally, at the endpoint, on employee devices. This is according to 800 IT decision makers (ITDMs) and 400 business decision makers (BDMs) surveyed as part of our brand new CTRL-Z Study, a pan-global report looking into the data practices of some of the world’s largest organizations and most senior stakeholders—including the C-suite—across the U.S., U.K., and Germany. The endpoint is also where 78 percent of ransomware attacks begin, and WannaCry has reportedly spread to over 100,000 organizations so far.

When ‘benefits’ outweigh the risks

The serious security implications and risks to productivity that this shift in data repositories represents are well understood at the top of the organization, with 65 percent of CIOs and 63 percent of CEOs stating that losing all the data held at the endpoint would destroy their business. But, in reality, awareness of the risk is doing little to dissuade poor security practices.

Three quarters (75 percent) of CEOs and more than half (52 percent) of business decision makers admit that they use applications/programs that are not approved by their IT department. The vast majority (80 percent) of CEOs and 65 percent of BDMs also say they use these unauthorized solutions to ensure productivity. This is despite 91 percent of CEOs and 83 percent of BDMs acknowledging that their behaviors could be considered a security risk to their organization.

So, to put it bluntly, there’s behavior at the top of numerous enterprises that favors productivity and getting the job done over data security, and CEOs and key BDMs realize this. Therefore, especially in light of coordinated global cyberattacks, the big question is: “Where does the enterprise go from here?”

Recovery is the key to data security

Productivity is undoubtedly the key to business success. At the same time, it is integral to business continuity to protect data and to be able to rapidly recover from a breach or to undo a ransomware infection. Around 50 percent of respondents to the CTRL-Z study admitted that their organization had suffered a data breach in the last 18 months. As evidenced by these numbers, the days of a ‘prevention only’ approach to security is not sufficient. Tried and tested recovery must now be at the core of enterprise data protection strategy—to get employees back up and running quickly should a breach occur. After all, the biggest cost of a ransomware attack isn’t the ransom payment—it’s the lost productivity that can result from not having the right backup and restore solution in place.

When it comes to security, there are three pillars to ensure success. First, organizations must be able to spot risk sooner. Gaining visibility over where data is, how it moves, who accesses it and when could act as an early warning system to alert ITDMs to both insider and external threats. Second, the enterprise as a whole always needs to be able to bounce back. When a data incident occurs, internal teams and the backup solutions in place need to be tested and ready to face the challenge. Finally, if the organization is to remain competitive, it needs to recover quickly. Time is money, and in the modern enterprise, so is data. Whatever goes wrong, whether that be a company-wide breach or an insider leaking a single file, IT professionals need to be able to identify the where, when and who of the situation immediately if they hope to mitigate the risk.

Now is definitely the time for change, and the enterprises that want to remain competitive are starting to act. As many organizations around the world have learned in recent days, it’s not if you will be hit by a cyberattack, but when.

Share this content on your favorite social network today!