EMC Global Data Protection Index 2016: Tracking and Thwarting Evolving Cyber Threats

By Charles King, Pund-IT, Inc.  June 29, 2016

Enterprise IT likely feels more than a little whipsawed these days. Not only do organizations continue to create data at unprecedented rates, but IT staff and management are continually asked to accommodate and adapt to unfamiliar, sometimes chancy on- and off-prem technologies that often conflict with or outright ignore conventional IT guidelines and SLAs.

At the same time, cyber threats and their creators aren’t going away. In fact, they’re more imaginative and energized than ever, developing new approaches that can effectively hold a company’s critical data hostage for ransom or auto-destruct massive volumes of crucial business information.

That’s scary stuff, indeed. So in a world of ever-evolving, ever-escalating cyber threats, how can IT securely accommodate the demands of their end user customers, and just how effective is that course? Those are the core issues examined in the new EMC Global Protection Data Index (GPDI) 2016, an update to the GPDI study sponsored by the company (and also conducted by Vanson Bourne) in 2014.

The new study examined the state of backup and recovery practices among 2,200 mid-sized and large enterprises worldwide (in 18 countries) and the tangible effects of data loss and downtime on those organizations. Along with considering those issues, EMC outlines solutions it offers to address and correct specific problems.

A shorthand version

So what did the new Global Protection Data Index 2016 study discover? Some pretty serious news.

  • Despite significant reductions in the traditional sources of data loss and disruption (hardware, software and power failure, and data corruption) new threats resulted in a significant uptick (13%) of businesses suffering data losses.
  • The average cost of a data loss among survey respondents was over $914,000.00
  • More than a third (36%) of study participants’ organizations lost data in 2015 due to external (23%) and internal (13%) security breaches
  • Four fifths (80%) of the companies surveyed said they do or will leverage software-as-a-service (SaaS) solutions, yet over half reported that they fail to protect company data residing in the cloud
  • Though sales of flash-based offerings are growing far faster than other storage solutions, nearly three quarters (73%) of study participants lack confidence in their ability to protect flash storage environments.

Cyber threats and real world damage

The current state of cyber threats is both ugly and disturbing, in large part due to fundamental changes in who is attacking and how they’re working together. Inventive, individual hackers have largely been replaced by knowledgeable, well-organized teams of technologists that are often funded by criminal organizations and rogue states.

That doesn’t mean that traditional threats like cyber thefts and denial of service (DOS) attacks have disappeared. In fact, they continue to grow in scope and severity, resulting in billions of dollars in annual losses. But they have been joined by emerging yet still highly dangerous threats from groups bent on either destroying huge volumes of data or seizing control of critical business information, then extorting cash in exchange for its release.

Two fairly recent attacks demonstrate how disruptive these new threats can be.

  1. Late in 2014, a group of hackers calling themselves the Guardians of Peace (GOP) used malware to obtain and then systematically release confidential documents from Sony Pictures. GOP then demanded that Sony pull its film, The Interview (a comedy concerning the assassination of North Korean leader Kim Jong Un). Sony pulled the film from theaters but GOP continued dumping data, some of which publicly embarrassed the company. Eventually, Sony discovered that nearly half of its company PCs and servers were infected, requiring millions of dollars in repair costs and weeks of disruption.
  2. In February 2016, hackers used malware to acquire control of the computer systems at Hollywood Presbyterian Hospital. They then reportedly demanded over $3M in Bitcoins to return control of the systems to the hospital. After some negotiations, Hollywood Presbyterian paid the hackers a ransom of 40 Bitcoins worth about $17,000. However, the hospital did not report the hack or the payoff to authorities until after the fact, leading authorities to believe that the people responsible will attempt to extort other healthcare facilities.

Interestingly, EMC noted that both of these emerging attack vectors can be thwarted by what the company calls Isolated Recovery Solutions.

Evolving threats and EMC solutions

In essence, EMC’s Isolated Recovery Solutions enable businesses to create “virtual panic rooms” that isolate their most valuable and/or sensitive data from attacks that compromise networked systems.

Based on EMC’s XtremIO, Unity and Isilon offerings, the new Isolated Recovery Solutions will support recovery time objectives (RTOs) far faster than traditional tape-based products, restoring systems to working order in minutes rather than hours or days. That should reduce the effectiveness of attacks designed to steal/reveal critical, private corporate data, and thwart extortionists who attempt to hold a company’s systems hostage for ransom.

EMC also discussed solutions designed to help customers manage other emerging problems. Those include the company’s comprehensive portfolio of offerings for on-premises-to-cloud and cloud-to-cloud data protection, and specific EMC solutions designed to address a wide variety of enterprise platforms and data protection scenarios.

Final analysis

An essential takeaway from the EMC Global Protection Data Index 2016 is that no organization or situation can ever be entirely safe from cyber threats. In large part that’s because threats and those who create them are constantly evolving and looking for opportunities to exploit.

But while daunting, this situation is not one that can be effectively addressed by hiding one’s head in the sand. Instead, businesses are better served by facing those problems, learning as much as they can about the threats and parties involved, and working with vendors that can be effective allies.

Given its new Isolated Recovery Solutions, EMC is a vendor worth serious consideration, especially for companies fearing data destruction and cyber extortion. But its other data protection offerings demonstrate EMC’s ambition to be the ally enterprises need for the problems they face today and those they expect tomorrow.

© 2016 Pund-IT, Inc. All rights reserved.