2021 Reflections & 2022 Predictions From StorCentric & Retrospect

Today I have some 2021 Reflections and 2022 Predictions that relate to how to protect your company from cybercrime from Mihir Shah, CEO of StorCentric, Surya Varanasi, CTO of StorCentric, and JG Heithcock, General Manager of Retrospect, a StorCentric company.

Here are their 2021 Reflections: 

Mihir Shah, CEO, StorCentric (www.storcentric.com):

  • Cybercriminals and ransomware are evolving: from hitting only single organizations and/or individuals to attacking MSPs, where they could target multiple organizations with one fell swoop (e.g., Kaseya ransomware attack perpetrated by the REvil group). 
  • Cyber insurance became increasingly critical: and it wasn’t just for large enterprises anymore. Small and medium sized enterprises invested, many for the very first time. Yet, confusion and frustration over what it does and does not cover continues. 
  • Enterprises recognized the need to protect themselves against a ransomware-related class action lawsuit: and began preparations for a worst-case scenario. Enterprises also increased their focus on data protection, particularly PII, as well as their ability to demonstrate that every possible precaution was taken to prevent and recover from an attack

Surya Varanasi, CTO, StorCentric (www.storcentric.com):

  • Unbreakable Backup became an indispensable solution for ransomware attack recovery: thwarting cyber criminals ‘attack the backups first’ strategy. 
  • Backup copy immutability became non-negotiable: meaning at least one backup copy must be immutable, unable to be deleted, corrupted or changed in any way, even if the ransomware has already infiltrated your organization, and integrated itself into the backup process

JG Heithcock, GM, Retrospect a StorCentric company (www.retrospect.com):  

  • Ransomware as a service (RaaS) is a huge business with attacks continuing to grow at an alarming pace. Businesses at every size are increasingly exposed to ransomware attacks.
  • Cyber criminals are attacking backups first: and then once under their control, coming after production data. This means that many enterprises are feeling a false sense of security, until it is already too late.
  • Recovery capabilities became the #1 ransomware strategy: while prevention and detection remained indispensable, recovery capabilities became the top priority.

Here are their 2022 Predictions:

Surya Varanasi, CTO, StorCentric (www.storcentric.com): “Massive data growth combined with significant changes in the way we work today and a rapid rise in cybercrime has driven increased challenges for data center managers. In 2022, it will be critical to respond to these demands, and to pursue and achieve digital transformation strategies that enable organizations to store, manage and protect data at scale. And I predict that in 2022, data center managers will find that the ideal way to do this will be to start with the right data storage foundation. 

In 2022, organizations will seek a data storage foundation that enables them to support a mix of workloads. The storage will allow for flexible configurations and simplified expansion to meet a wide variety of capacity and performance requirements. Next, organizations will seek a solution that provides multi-protocol support. Certainly, at a minimum, the storage will support block (iSCSI, FC) and file (NFS, CIFS/SMB). However, given the increasing desire to run cloud-native applications, backup and restore critical data, as well as archive data in the cloud, S3 object storage support will become a must-have as well. 

Today’s digital transformation strategies would be remiss if data protection and business continuity were not at the top of the list of considerations as well. This is especially true in 2022, when data center managers are not just concerned with equipment malfunction, but also insider threats and external cybercriminal activity, such as ransomware attacks. So, capabilities such as immutable volume and file system snapshots that deliver secure point-in-time copies; object locking for bucket or object-level protection for specified retention periods; and pool-scrubbing to detect and remediate bit rot and data corruption will be deemed essential.”

JG Heithcock, GM, Retrospect a StorCentric company (www.retrospect.com): “Today, more than ever, data can be lost by accident, damaged by a natural disaster, or fall victim to cybercrime. In 2022, with ransomware continuing to grow as a threat, data protection will become the most indispensable component of every organization’ digital transformation strategy. In 2022, the 3-2-1 backup rule will continue to be the golden rule of complete data protection. This means that organizations will keep three copies of data saved across at least two media types, with one more copy saved offsite. In 2022, ROI will also remain the name of the game, so organizations will seek a proven solution that makes this easy and affordable to implement. The ideal backup solution will enable a backup script to a local destination and a backup transfer script to an offsite target. Using a transfer script to copy backups to a second location enables the administrator to perform the operation offline, without the original source needing to be used. In 2022, there will be various options available for implementing 3-2-1 workflows. The first possibility will be disk and cloud. Combining local disks and cloud storage locations is a common pattern for a backup strategy. An available backup on a local disk translates into very fast recovery time, as the local network allows for much higher bandwidth. A remote backup on a cloud storage location insulates the organization’s data from disaster, malware, and other problems that arise. The second option will be network-attached storage (NAS) and cloud. NAS devices are an affordable on-site storage location for backups. Leveraging an on-site NAS ensures a large, dedicated storage pool and high bandwidth for backups. Transferring those backups to the cloud as an offline process allows administrators to avoid touching the original source multiple times. The third option will be disk and tape. Disk remains the most common storage media, and tape continues to make strides in speed and storage capacity. With a local disk, the administrator can quickly back up their environment and have the backups available for fast restore. Using a tape library for offsite storage enables the administrator to store their backups in a safe location (like a security deposit box or a third-party storage locker) that – unlike the cloud – the administrator has physical access to. Of course, in 2022, going beyond the 3-2-1 backup rule will provide organizations with extra insurance to protect their digital transformation initiatives. Organizations can choose to utilize a second cloud storage location (i.e., 3-2-2 strategy) or NAS, tape and/or cloud (i.e., 3-3-2 strategy) for added redundancy. Finally, in 2022, utilizing WORM storage in the cloud with Immutable Backups will provide the best protection against ransomware attacks. With a locked backup, malware cannot delete your critical data, enabling the administrator to recover if the worst does happen. By combining the 3-2-1 backup with immutable backups in the cloud, administrators can ensure their organization’s data is protected against the latest threat landscape.”

Leave a Reply

%d bloggers like this: