Every business leader hopes that neither a ransomware attack nor accidental data loss through human error will happen to their organisation. In reality, both present a significant threat to data integrity and business continuity. However, whilst the risks of cyberattacks are taken more seriously, the same care and attention that’s spent defending against ransomware is rarely lavished on barriers to protect against human error and unintentional data loss.
Where is the biggest risk?
According to the Veritas 2020 Ransomware Resiliency Research, enterprises surveyed have been the victim of 4.5 ransomware attacks. The risk is real and growing. In fact, cyberattacks have increased in frequency by nearly 50% during the third quarter of 2020. Attacks are getting more sophisticated as organised criminals zone in on high-value data from targeted organisations. Hackers are finding new ways to exert pressure on their victims to pay by bringing whole IT systems to a halt or stealing sensitive data and threatening to publish it online. As a result, 43% of attacked businesses have avoided paying a ransom to these criminal hackers.
Against this backdrop, anyone could be forgiven for thinking that these criminals were the biggest threat to business data. However, human error remains a far more common cause of data loss, and it is growing. According to an analysis of their data, 90% of all breaches reported to the UK Information Commissioners Office (ICO) during 2019 resulted from mistakes made by users; up from 61% and 87% over the previous two years.
Human error is becoming a more distributed challenge for organisations. Even if businesses train their entire workforce to exceptional standards, they’re probably only reaching a fraction of the people who could put their data at risk. Business partners, contractors, third parties, and all manner of workers in the supply chain can impact data integrity.
So, even with the rapid growth and greedy expansion of ransomware attacks, hackers still have a long way to go before having a broader impact on business data over human error.
What can we learn from the ransomware approach?
Whilst the motivation and circumstances behind these two types of data loss couldn’t be more different, the solutions have a lot in common. Here are five key lessons learnt from protecting against ransomware attacks that can be applied to prevent human error data loss:
So, what will knockout your data centre? A ransomware attack or human error? The reality of the situation is that both are coming for your business data and will hit at some point. The law of averages says that human error will occur most often. Still, ransomware will also get there in the end, and both can be devastating. Organisations should prepare to protect, detect, respond, and recover from both threats.