Cyber Resilience Strategies from the Risk to Resilience Report

Ransomware attacks are evolving faster than ever, making cyber resilience a top priority for organizations of all sizes. In this post, Leah Troscianecki (principal product marketing manager), Edwin Weijdema (EMEA field CTO), and Courtney Elder (VP, Technology GRC) answer some of the main questions from Veeam’s Risk to Resilience Report, share real-world insights from the front lines, and offer actionable best practices to help your business prepare for and recover from cyber incidents.

Whether you’re in IT operations, security, or compliance, you’ll find practical advice and strategic insights to strengthen your organization’s defenses.

Q: What’s new in the latest “Ransomware Trends: From Risk to Resilience” report?

Leah: This year, we partnered with third-party vendors and Coveware to gather anonymized and real-world insights. It’s critical for the community to share knowledge, given the sensitive nature of cyberattacks. This report dives into the latest attack patterns, what’s changing in the threat landscape, and the most up-to-date best practices for resilience.

Q: How often are backup repositories targeted, and how often are others in the organization aware of a breach?

Leah: One of the most striking findings we had in the report was that 96% of the time, backup repositories are attacked during a cyber incident. These backups were successfully accessed by bad actors 66% of the time, with 34% of those backups being modified or deleted as part of the attack. 

Edwin: It’s shocking how often only the backup admins know this is happening. Many members of wider IT and security teams often don’t realize backups are a frequent target, which is dangerous. Attackers often aim to destroy backups first to force a ransom payment, so protecting your backup infrastructure is step one for resilience.

Q: Are IT and security teams generally prepared for ransomware attacks?

Leah: Our survey found that organizations’ confidence in their readiness tends to drop after an attack. Organizations often feel ready in theory, but cracks tend to show up once they actually face an incident. 

Courtney: From a governance, risk, and compliance (GRC) perspective, our job is always continuous monitoring and testing. This second line of defense gives us a clear read on risk and therefore gives CISOs a more realistic view of preparedness, since they measure and report on it constantly.

Q: Why do organizations pay ransom, and does it work?

Leah: 50% of those who paid a ransom did so to avoid downtime, which is a factor they theoretically can control through thorough planning. Unfortunately, of those attacked, 69% were attacked again. The threat landscape is shifting, with more unpredictable “lone wolf” attackers. This means it’s vital to focus on preparedness and recovery instead of hoping a ransom payment will solve the issue.

Q: How should organizations choose a cybersecurity framework?

Edwin: Focus on operational resilience. Most frameworks — NIST, CMMC, and others — emphasize being proactive and minimizing downtime. Pick the one that fits your organization’s needs best, but remember, the common goal is resilience.

Courtney: Exactly. Most regulatory frameworks overlap. As a vendor, we map and validate our controls against all major frameworks to assure our customers we can meet their requirements. “Ask once, use many” is our mantra; track and measure against the core controls that matter most to your business.

Q: What is Veeam Trust Center, and why does it matter?

Courtney: Veeam Trust Center is a public portal that showcases our compliance and security certifications. It lets customers self-serve for due diligence purposes and hopefully streamlines the process of searching for a new vendor. For anyone managing risk or compliance, it’s a must-use resource!

Q: How are roles and responsibilities evolving in cyber resilience?

Leah: The days of blaming a single person for a breach are fading. Successful organizations are shifting from personal accountability to collective action, which means delineating clear roles, assigning specific responsibilities, and fostering a culture of shared responsibility.

Courtney: We’ve rebranded “security awareness” to “security culture.” This is about enabling everyone, not just IT, to be the first line of defense against ransomware. We reward good behavior, like reporting phishing attempts, to incentivize proactive participation.

Edwin: Organizations that focus on collective action, rather than finding someone to blame, recover faster and build a stronger culture. It’s all about learning and improving together.

Q: What sets apart organizations that recover successfully from ransomware?

Leah: Successful organizations regularly verify backups, ensure copies are clean, maintain alternate infrastructures, and rigorously test their recovery processes. 

Edwin: Our 3-2-1-1-0 Rule is key: Three copies of data, two media types, one offsite, one offline/immutable, and zero errors from regular testing.

Q: What’s the role of penetration testing in resilience?

Courtney: Penetration testing is crucial, not just for your infrastructure, but your products as well. We use internal and third-party testing to increase frequency for deeper assurance. It’s not a pass/fail checkbox, but an ongoing process. The more you test, the more you uncover and can proactively address your problems.

Final Thoughts

As ransomware threats continue to challenge organizations, building a culture of shared responsibility and proactive resilience has never been more important. By adopting some of these best practices, you can strengthen your defenses, recover swiftly, and better protect your data. Check out the full ransomware trends report and Veeam Trust Center, and stay connected for more insights, tools, and guidance!

The post Cyber Resilience Strategies from the Risk to Resilience Report appeared first on Veeam Software Official Blog.

from Veeam Software Official Blog https://ift.tt/s9MfIuR
