The Veeam Data Protection Trends Report 2023 reveals that 85% of global organisations experienced a cyber-attack last year. With 76% experiencing an attack in 2021, cybercrime is on the rise and has led to 85% of organisations increasing their data protection budgets this year.
Experts admit that cybercrime in South Africa is on the rise, and costs the economy in the region of R2,2-billion every year1. It is the most critical systemic risk for South African businesses in the foreseeable future – and Interpol agrees. A 2021 report by the organisation sees South Africa topping the list of cyber threats across the continent, and alarmingly, third in the world.
The threat is further underlined in the report, which highlights the importance of businesses being well protected from an information technology and data storage perspective. With 85% of global businesses falling victim to at least one ransomware attack in 2022, and 79% admitting they have protection gaps that require attention, the need to increase cyber security budgets is crucial. Closer to home, 48% of organisations in the Middle East & Africa experienced two or three attacks in 2022.
According to Chris Norton, regional director of Africa at Veeam Software, cyber security is important for business continuity, and businesses are taking data protection more seriously as they aim to build a data-resilient environment.
“Eighty-five percent of report respondents revealed that they plan on increasing their data protection budgets this year, some by as much as 6,5% in 2023. This, in turn, increases both their business and cyber resiliency.”
While cyber security insurance is a must-have, even if a business qualifies for insurance and a breach occurs, this does not guarantee a payout for damages to the business. Instead, stipulated costs will be allocated to restore the data, if the data can be restored. The onus remains on the business to make sure it has protection strategies in place and has partnered with the correct infrastructure partner to ensure that its data remains secure and can indeed be restored in the event of a disaster or ransomware attack.
While data backup is essential, businesses need to go one step further and put contingency plans into place in the event of cyber threats and attacks. This is particularly important given that, according to the report, only 55% of an organisation’s encrypted or destroyed data after being held for ransom was able to be recovered.
“Cyber attackers don’t break into data centres to just delete data – they break in to steal data as it is worth something to them and they can potentially demand payment. If not, it will be deleted,” he explains. “Having a data backup is not solving a data resilience problem, but is simply a mechanism to recover the data. It should be viewed as one aspect of a holistic data resiliency strategy.”
Protecting data within four walls is easier, however, when data is stored across multiple locations such as cloud, hybrid cloud, and others, it is imperative for businesses to consider how they apply their corporate governance policies to this data – an often complex and costly endeavour.
“Our lives were much easier when we were teenagers, but fast forward into adulthood, the majority of us have families, houses, cars and other areas of our lives that need to be continuously maintained and protected – the same complexity can be applied to data protection,” adds Norton. “Complexity is an ever-present reality. The more data a business accumulates and the more locations it is stored at, the more complex and costly it becomes.”
Norton recommends that businesses prioritise three non-negotiables when developing a modern-day data protection solution, including:
* Data mobility – Having a semblance of control over a business’s data and where it resides so that it can be moved easily if required.
* Simplicity – With so many complex environments, businesses should opt for a single software-defined tool to help manage the complexity and one that can back up onto any platform or device anywhere, anytime.
* Security – Making sure that backups are secure and easily restored.
In today’s data-driven society, the risk of being ill-prepared for cyberattacks is enormous, and businesses that fail to prepare must be prepared to fail,” concludes Norton.