Why companies must rethink their recovery plans
Data breaches have become an unfortunate reality for many organisations, with cyberattacks growing in both frequency and sophistication. When a breach occurs, effective backups are crucial for business continuity and rapid recovery. However, recent findings reveal significant vulnerabilities in many organisations' backup strategies, leaving them unable to make a full recovery from attacks. This troubling trend underscores the urgent need for companies to enhance their backup protocols, diversify storage methods, and follow established best practices to mitigate damage when breaches occur.
The recovery challenge
According to Apricorn's 2023 survey, only 50% of organisations that suffered a data breach were able to restore all their data. A concerning 25% managed only partial data recovery, and an alarming 8% were unable to recover any data due to inadequate backup processes. These findings spotlight a critical issue, namely that many businesses lack robust, tested backup systems that can withstand a severe attack. Only 9% of survey respondents acknowledged that their current backup measures are insufficient for ensuring rapid recovery, reflecting a widespread lack of awareness and backup fallibilities that leave many companies vulnerable.
The UK Government's Cyber Security Breaches Survey 2024 adds further insight, revealing that while 55% of businesses back up their data securely, a staggering 71% rely solely on their cloud service providers (CSPs) for this purpose. This dependence on a single solution is a risky approach, as CSPs are not immune to breaches themselves, and any attack on their infrastructure can directly impact the organisations relying upon them. When backups fail, companies face extended downtimes, regulatory penalties, reputational damage, and, in many cases, costly ransom payments. This highlights the need for a more resilient approach to backups.
The importance of diversification
The risks associated with single-point backup systems emphasise the need for organisations to adopt a diversified approach. Apricorn's survey shows positive trends in this area, with 30% of respondents automating backups to both central and personal repositories - a rise from 19% in 2023. Automated systems ensure that critical data is saved without depending on manual interventions, which are prone to human error. Additionally, 27% of organisations now back up data to central repositories and 16% to personal repositories, showcasing a gradual shift towards diversification.
Diverse backup methods help mitigate risks by ensuring that organisations have access to multiple copies of their data across various locations and formats. The "3-2-1 rule" is a widely recommended best practice for resilient backup strategies: at least three copies of data should be kept on at least two different media, with at least one copy stored offsite. Having at least one isolated, offline backup, such as an encrypted removable hard drive, provides additional protection against cyberattacks that could compromise network-connected storage.
Why cloud-only backup is insufficient
The trend toward cloud-only backup, with 71% of organisations relying solely on their CSP, reflects an overconfidence in cloud security. While cloud providers offer robust protections, they are not invulnerable; cloud breaches and administrative errors have been known to compromise vast amounts of data. Organisations need to recognise that relying on the cloud as a standalone solution could leave them critically exposed in the event of a cyberattack that impacts their CSP's systems.
Instead, organisations should supplement cloud storage with secure, offline backups. Portable, encrypted storage devices offer an offline, secure way to store data, safeguarding it from network breaches. By diversifying their backup approach, businesses can better protect themselves from ransomware and other cyber threats that may impact their cloud storage solutions.
Backup practices and cyber insurance
Notably, the need for reliable backup strategies is increasingly tied to cyber insurance compliance. In 2023, Apricorn's survey found that 46% of IT decision-makers viewed backup policies as essential for meeting cyber insurance requirements, up from 28% in the previous year. Insurers are now mandating more stringent backup protocols to qualify for coverage, recognising that organisations with robust backup measures are better positioned to recover from an attack without prolonged disruption or significant financial losses. Failing to meet these requirements could leave companies uninsured and financially exposed in the event of a breach.
Resilient backup strategies
In summary, best practice advice on an effective backup strategy advocates businesses should:
- Automate backups to reduce reliance on manual processes, ensuring that backups occur consistently and regularly.
- Diversify backup methods to avoid a single-point-of-failure by storing data across multiple locations and media. Combining cloud backups with offline, encrypted hard drives provides resilience against various types of cyber threats.
- Regularly test backup systems to ensure that backups are functional and complete. Testing also reveals weaknesses that can be addressed proactively, reducing the risk of failure in an actual attack scenario.
- Follow the 3-2-1 rule by maintaining at least three copies of data stored on at least two different types of media, with at least one copy kept offsite to ensure availability and protection in the event of a major disruption.
With ransomware attacks and cyber threats on the rise, inadequate backup processes can be devastating for businesses. While cloud solutions offer convenience, overreliance on them introduces risks that can be mitigated through diversified, resilient backup strategies. Organisations must prioritise backup improvements as a proactive defence against future cyber incidents. By implementing strong, tested, and multi-layered backup processes, businesses can ensure they are well-prepared to recover quickly from breaches, protecting both their data and their reputation.