Protect Business Continuity from Cyberattacks in a Modern Computing Environment
Two dynamics in the global landscape of business are the prevalence of cyberthreats, and the emergence of the modern computing platform to deliver agile and flexible solutions. What happens when the two collide? A Veeam data protection survey confirms the first trend: the leading cause of outages over each of the last three years is attributed to cybersecurity events. And the second finding from a sponsored survey from the Enterprise Strategy Group reports that the deployment of containers is “red hot” with 82% percent of organizations intending to deploy them by the end of the year.
The Cybersecurity Threat and Ransomware
Let’s address the cybersecurity problem first. Among the triggers for cybersecurity events ransomware represents over 20% of incidents in both 2020 and 2021. Most recently, ransomware was the second leading type of cybersecurity event, surpassed only by “malware backdoors” which can also lead to extortion and ransomware claims according to IBM Security in their release of the X-Force Threat Intelligence Index Report 2023. In just the first quarter of 2023, the number of incidents spiked to 459 from about 280 in the comparative annual month in 2022 according to the March 2023 Report from the NCC Group. While an incident decline in the first half of 2022 might have led to the perception that increased intervention efforts by governance authorities were working effectively, the latest reports now show the opposite trend. Most recently, in March 2023, the highest number of organizational ransomware incidents on record points to a persistent and rising threat coming from the ransomware swamp.
The Cost of a Ransomware Attack
Unlike the raw number of incidents in 2022, the average expense per occurrence according to the Cost of a Data Breach 2022 report by the Ponemon Institute increased by 2.6% to $4.35 million USD. This is a significant cost to organizations that experience a cyber-attack. Ransomware forms a complicated landscape when it comes to mitigating the damage from an attack, and while not reported, it is thought that fewer than half pay the ransom and not all those companies are able to restore all their data. Given that 83% of the 550 organizations in the IBM Security report reported more than one ransomware attack, the data demands the attention of any organization that manages secured data, ranging from operational systems data to personally identifiable information (PII).
What is Data Protection in Modern Computing
At the heart of corporate computing systems is critical data running across a wide range of infrastructure including public, private, multi, and on premises clouds. Among options for container platforms in the modern computing era, Kubernetes has become the leading platform choice for services ranging from applications to auxiliary services. Widespread traditional architectures and support systems are not capable to support business continuity in the current landscape of modern computing amid the escalating threat that data is not secure. The reality is that RTOs and RPOs simply cannot be met by protecting modern applications and services using traditional infrastructure-centric support systems.
The Kasten K10 Data Protection Offering
To explain the data protection solution that Kasten by Veeam presents to customers, let’s work within the context of the Kasten K10 platform and three legs of cyber protection, and illustrate how each addresses a challenge that is uniquely overcome by the new release of Kasten K10 V6.0.
Discovery
Unlike traditional Kubernetes application backup solutions Kasten K10 can discover all applications and their components. This functionality is entirely unique from volume backups that have predefined hardware dependencies which is common with VM systems. This emphasizes the powerful scalability and rapid restoration capabilities of the Kubernetes platform. With the release of Kasten K10 V6.0, Kasten has integrated with intelligent threat detection platforms, such as Red Hat Advanced Cluster Security for Kubernetes and Amazon GuardDuty, to actively discover suspicious behaviors that emerge before any incidents occur. This is like a “shift left” in early detection that addresses malware backdoor and ransomware attacks beginning before any formal notifications have been made.
Protection
Protection is another key foundation of Kasten by Veeam’s approach to data protection. Protection of all specified application components and databases across multi-cluster and multi-cloud arrangements is an important Kasten K10 differentiator. On older platforms where data protection is predefined by infrastructure volumes to deployment, these advancements are not preserved. Kubernetes is dynamic in nature, and the backup manager must track the application and components across a myriad of platforms and interfaces to secure a rapid restoration. Now with the incorporation of Kyverno into Kasten K10, application teams can ensure that new applications are launched within prescribed guardrails to minimize security gaps that have been previously considered. This aspect of data protection gives peace of mind to application teams.
Restoration
Finally, Kubernetes specific data protection is essential to meeting RTOs and RPOs with tighter and more strict timelines and rules for data loss while meeting the performance expectations of a modern computing program. Blueprints and other cloud native features ensure that restorations happen quickly and according to pre-scripted guidelines that protect how Kubernetes applications are restored to service. One of the most productive aspects of the Kasten K10 V6.0 data protection release is the Transforms Library that includes sets of transforms to enable the true mobility of applications. This is particularly important during a planned or unplanned restoration that involves a migration to a new resource such as from a compromised cloud platform to a backup private cloud. Having the Transform sets appropriate to making these rapid changes is why having Kasten K10 as your Kubernetes data protection provider pays dividends in the form of operational efficiency, platform agility and just plain peace of mind.