Ransom Risk: A Shocking Rise!: Ransomware is a major concern for tech leaders, with 2024 seeing record ransom payments averaging $1.5 million!
Backup Blunders: Outdated backup technology and poor encryption are major factors that worsen ransomware's impact, with many IT managers reporting long recovery times and severe downtime consequences.
Simplicity Saves: Less is More!: Amidst the complexity of cybersecurity tools, there's a shift towards simple solutions that provide effective protection without requiring extensive oversight or expertise.
Secure Your Backups: Applying Zero Trust principles to data storage ensures that backups remain secure from cybercriminals, significantly reducing the risk of data encryption or deletion during attacks.
The Cybersecurity Crunch: The cybersecurity workforce is stagnating, constrained by budget cuts and hiring freezes, further complicating the challenges IT managers face in securing data backups.
If you asked CTOs and tech leaders what aspect of their role causes them the most concern today, ransomware would undoubtedly be near the top of the list.
2024 was a remarkable year for cybercriminals, with experts sounding the alarm for a record-breaking year for ransomware and larger ransom payments than we’ve ever seen. The median ransom payment in July 2024 was $1.5 million – a vast increase from the 2023 median of $200,000.
Beyond ransom payments, several factors amplify the impact of cyberattacks but are often overlooked until it’s too late. Object First recently surveyed 615 IT managers across the U.S., U.K., and Germany and found that outdated backup tech, lack of backup data encryption, and failed data backups are the top factors that amplify the impact of ransomware attacks. In addition, 44% of IT managers surveyed say it has taken one or more months to recover backup data, with 56% revealing downtime resulted in company-wide disruptions.
It's clear that organizations’ backup infrastructure is not prepared to handle malicious activity, and cyber criminals are cluing in. Nearly half (45%) of reported ransomware attacks targeted the organization’s backup data.
While this all may sound bad, don’t lose hope quite yet. There are simple and secure steps tech leaders and their teams can take to protect their backups and avoid downtime.
Return to Simplicity
How can you improve data resiliency? First, it’s important to acknowledge what’s currently holding you back. According to the Object First survey, 40% of IT managers report not having enough secure storage to protect backup data against ransomware, 69% say budget constraints on hiring security experts negatively impacted their security posture, and 41% say their people lack the skills to manage complex backup storage solutions.
A recent ISC2 report found that the cybersecurity workforce grew just 0.1% year-over-year in 2024 due to budget cuts, layoffs, and hiring freezes despite a continued global staffing shortage.
Based on these insights, it’s evident that the continued cybersecurity skills gap is negatively impacting data security. While the trend in recent years has been to invest in the latest, flashy cybersecurity tools that promise to protect systems against scary cyber threats, IT leaders often find that these tools over-promise and under-deliver.
In 2025, as decision-makers come to terms with the fact that this strategy is not producing the ROI they anticipated, CTOs will see a return to simplicity in the industry and rising demand for simple solutions that do one main thing, but do it well and without needing much oversight or expertise to maintain.
Bring Zero Trust to Backups
Surely, CTOs have heard of Zero Trust at this point, but the security principle is still mostly confined to traditional networks, applications, and infrastructure. Bringing Zero Trust to data storage and backup is a game-changer for those who want to ensure their data will always be there, unmodified, and able to be recovered at a moment’s notice should the primary network or data repository be brought down.
Cybercriminals attempt to reuse the same compromised credentials they use to move laterally around the network to infiltrate data backups and encrypt or delete the data, hindering the victim’s ability to recover and increasing the chances the threat actor will receive a ransom payment.
Zero Trust Data Resilience (ZTDR), a model that applies the principles of Zero Trust to data backups, prevents this scenario. ZTDR calls for three main tenets:
- Segmentation: Separating aspects of the data architecture and enforcing the principle of least privilege ensures that if an individual’s account is compromised, the attack surface of what the intruder can access is vastly reduced.
- Resilience zones: Follow the 3-2-1 backup rule to create redundancies in your data. The rule holds that it is a best practice to have at least three copies of data on two separate media (e.g., hardware, cloud, etc.), with one copy off-site. You can also take this rule a step further by adding one extra immutable copy offline and requiring zero errors in backups (now called 3-2-1-1-0).
- Immutability: Hardened, immutable storage should be the default for all backup solutions, set to compliance mode with zero access to the operating system or root account. This protects the backup data from modifications and deletions from outside threat actors, human error, or insider threats.
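The 3-2-1-1-0 rule from the list above, expressed as a check over a backup inventory. This is an added example, not code from the original article or from any vendor's product; the `Copy` fields, the sample inventories, and the choice to count production data as one of the three copies are assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Copy:
    name: str
    medium: str                  # e.g. "disk", "object-storage", "tape"
    offsite: bool = False
    immutable: bool = False      # retention lock that cannot be shortened or removed
    offline: bool = False        # unreachable from the production network
    primary: bool = False        # live production data, counted as one copy
    verify_errors: Optional[int] = None  # last restore test; None = never tested


def check_3_2_1_1_0(copies: List[Copy]) -> List[str]:
    """Return the parts of the rule the inventory fails (empty = compliant)."""
    failed = []
    if len(copies) < 3:
        failed.append("3: fewer than three copies")
    if len({c.medium for c in copies}) < 2:
        failed.append("2: fewer than two media")
    if not any(c.offsite for c in copies):
        failed.append("1: no off-site copy")
    if not any(c.immutable and c.offline for c in copies if not c.primary):
        failed.append("1: no immutable offline copy")
    # An untested backup counts as a failure, not as zero errors.
    bad = [c.name for c in copies if not c.primary and c.verify_errors != 0]
    if bad:
        failed.append("0: unverified or failing backups: " + ", ".join(bad))
    return failed


# Constructed inventories: a weak layout and a corrected one.
WEAK = [
    Copy("prod-db", "disk", primary=True),
    Copy("nas-nightly", "disk", verify_errors=0),
    Copy("nas-replica", "disk"),
]
HARDENED = [
    Copy("prod-db", "disk", primary=True),
    Copy("onprem-locked", "object-storage", immutable=True, verify_errors=0),
    Copy("cloud-copy", "cloud", offsite=True, immutable=True, verify_errors=0),
    Copy("vault-tape", "tape", offsite=True, immutable=True, offline=True, verify_errors=0),
]

if __name__ == "__main__":
    for label, inv in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, check_3_2_1_1_0(inv) or "compliant")
```

The weak inventory has three copies yet fails every other part of the rule, because all of them sit on the same medium at the same site and one has never been restore-tested.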
While implementing ZTDR may sound complicated initially, it establishes an environment of consistent and secure policies – making monitoring and enforcement easier, especially for strapped IT teams.
What's Next?
With rising data disruptions, unreliable recovery processes, and relentless cyber threats, it’s clear that traditional security measures can no longer keep pace with today’s evolving threat landscape and the demands on IT infrastructure.
Adopting Zero Trust principles for backups through ZTDR implementation can strengthen your security posture, ensuring your data remains secure and resilient.