IT leaders think immutable data storage is an insurance policy against ransomware

IT leaders consider immutable storage as a must-have in the fight against cyberattacks, according to Scality.

Ransomware threats are now understood by organizations to be inevitable. Reports show 1 in 4 organizations that pay a ransom never get their data back, and just 16% are able to recover without paying a ransom.

This reinforces immutable data storage’s role as an essential last line of defense within a cybersecurity toolkit. With this type of storage, data cannot be deleted or modified once written, increasing data safety and ensuring organizations have the power to restore data with 100% accuracy in the event of a breach.

94% of IT leaders either already rely on such data storage or plan to implement it within the next 12 months, and an additional 2% plan to deploy it within the next three years.

69% consider this data storage essential to their corporate cybersecurity, and only 12% of those who deployed immutable data storage say it is not essential.

Vertical market and regional nuances

Comparisons among IT leaders surveyed across vertical industries and specific countries reveal many notable differences.

Vertical market

Manufacturing organizations (95%) are most likely to deploy immutable storage, and 84% consider it essential to their corporate cybersecurity. Financial services firms (74%) report the lowest reliance on this storage, and 60% say it’s essential to their corporate cybersecurity.

Regional

A majority of IT leaders across all regions currently use or plan to use immutable data storage: The US has the highest level of current or planned deployments, with 98% of respondents either having implemented it or planning to do so within the next year. This is followed by France at 96%, Germany at 94% and the UK at 85%.

While a relatively low number (12%) of IT leaders worldwide who currently use immutable data storage do not regard it as “essential” to their cybersecurity strategy, a larger percentage resides in the UK: 24% of UK respondents have deployed it but say it is not essential to their cybersecurity, compared to 11% in France, 9% in the US and 6% in Germany.

“Widespread deployment of immutable storage reinforces an increased awareness of the critical role secure backup plays as an active defence against cyberattacks, specifically coupled with immutable backup data. Veeam believes that achieving zero trust data resilience with immutable storage implementations — that are indeed truly immutable — is a great opportunity for IT leaders to reduce the risk of growing data security threats and improve their overall cyber resilience,” said Dave Russell, VP of enterprise strategy at Veeam Software.

The role of immutable storage in data cybersecurity

The survey reveals the criticality of immutable storage at a time of evolving industry dialogue about data cybersecurity best practices and technologies. But it’s important to note that not all immutability is created equal — some forms still leave a window of exposure.

Unlike forms of immutability enabled by traditional solutions (such as NAS/file system snapshots, dedupe appliances, Linux-hardened repositories or tape), true object storage solutions are inherently immutable at the core architecture level.

The system implements proper protocols and true object storage semantics to preserve data in its original form the very moment it is written — which is not the case for other immutable solutions that can introduce time delays before data is immutable. Each object, even those written nanoseconds apart, can never be overwritten, deleted, or modified. This architectural reinforcement provides a crucial last line of defence against ransomware attackers’ attempts to encrypt data and extort victims.

“Immutable data storage is an insurance policy against ransomware. While the survey data shows IT leaders resoundingly agree that immutability is a cornerstone of cybersecurity strategy, 31% still did not report it as essential. Here’s the reality: Being able to restore quickly from an immutable backup means the difference between a successful and unsuccessful ransomware attack. Without storage that’s truly immutable, you’re vulnerable to cybercriminals’ demands,” said Paul Speciale, CMO, Scality.

“The perception among some respondents that it’s not essential to cybersecurity is misguided and represents an opportunity to shift more IT leaders towards achieving a modern, inherently immutable object storage solution as a much-needed last line of defence to keep data locked and immune to ransomware exfiltration, modification or destruction,” concluded Speciale.