According to Curtis Preston, Chief Technical Evangelist at Druva, cyberattacks are not a matter of “if,” but “when.” In this episode, Tom Fox. and Curtis dive into the importance of backup systems and cyber resilience to protect against ransomware and other types of cyberattacks. Curtis shares his insights on how to limit the blast radius of an attack, why you should assume a breach, and the need to have a playbook and a cyber response team in place. They also discuss the role of state-sponsored attacks in non-kinetic warfare and the need for increased cyber resilience as we approach 2030.
W. Curtis Preston has 30 years of experience in the backup and data protection industry. He started his career at MBNA, the second-largest credit card company in 1993, and has been specializing in backup servers ever since. He is currently the Chief Technical Evangelist at Druva, where he talks, writes, and hosts podcasts about data protection systems. Curtis is also known as ‘Mr. Backup’, a moniker that he adopted while writing his first book on backups.
You’ll hear Tom and Curtis discuss:
- SaaS-based data protection systems are becoming increasingly important as more companies rely on SaaS infrastructures like Microsoft 365 and Google Workspace. Companies should not count on these providers to protect their data; they should consider using SaaS-based backup systems instead.
- Curtis tells Tom, “There should be security interest, as well as technical and storage and network interest. All of those interests should be reflected in the implementation of such an important system as a data protection system.”
- Ransomware attackers are now targeting backup systems directly, making it crucial for companies to modernize the security infrastructure of their backup systems. They can do this by using SaaS-based systems that come with modern security features such as multi-factor authentication, triggers and alerts, and the concept of least privilege.
- The inefficiencies and difficulties of a typical on-premises backup infrastructure, such as overbuilding and overengineering, can be solved by using a SaaS-based system where companies only pay for what they are actually using.
- Fire drills, or ransomware drills, can help companies develop “muscle memory” and test their incident response playbook before an actual attack occurs.
- Role-based administration is important to limit the blast radius in case an administrator’s account is compromised. Each person involved in the backup process should have specific roles and responsibilities.
- State-sponsored attacks on American businesses, especially from Russia, are increasing. It’s important to beef up defenses, assume breaches, and have a playbook ready to respond to ransomware attacks.
- By 2030, cyber resilience and protection topics will increase as people become more aware of cyberattacks. Passwords will be a thing of the past, and people will have to live in a world of constant cyberattacks.
- A robust backup plan in place with sufficient security protocols is essential to recover from a cyberattack. It’s important to have the backup system completely air-gapped from the primary network.
- Druva is a SaaS provider that offers a backup system that is stored behind a different authentication and authorization system. The data and metadata are separated for security reasons and constantly monitored for security purposes.
KEY QUOTES:
“Today, I think the average user is so used to equipment that just works, they don’t really think as much about backup and recovery, I think, as we did back in the day.” – Curtis Preston
“By the way, I do think by 2030, passwords will be a thing of the past.” – Curtis Preston
“It’s also having a robust backup plan in place with sufficient security protocols and that when you are attacked, not if when you are attacked, they can’t take your star player out, and if it all does go down, you have a way to at least build back.” – Curtis Preston
Resources:
