A Reliance On Legacy Technology Is Undermining How Organisations Respond To Ransomware


New global research commissioned by Cohesity, reveals that nearly half of respondents say their company depends on outdated, legacy backup and recovery infrastructure to manage and protect their data.

In some cases, this technology is more than 20 years old and was designed long before today’s multi-cloud era and the onslaught of sophisticated cyberattacks plaguing enterprises globally.

Challenges pertaining to outdated infrastructure could easily be compounded by the fact that many IT and security teams don’t seem to have a plan in place to mobilise if and when a cyber attack occurs. Nearly 60 per cent of respondents expressed some level of concern that their IT and security teams would be able to mobilise efficiently to respond to an attack.

“IT and security teams should raise the alarm bell if their organisation continues to use antiquated technology to manage and secure their most critical digital asset – their data,” said Brian Spanswick, chief information security officer, Cohesity. “Cyber criminals are actively preying on this outdated infrastructure as they know it was not built for today’s dispersed, multi-cloud environments, nor was it built to help companies protect and rapidly recover from sophisticated cyberattacks.”

Backup and recovery infrastructure that could be considered archaic

Forty-six per cent of respondents said that their organisation relies on primary backup and recovery infrastructure designed in or before 2010. Nearly 100 respondents (94 out of 2011) revealed that their organisation relies on backup and recovery infrastructure built before the new millennium — in the 1990s.

Enterprises are utilising this legacy technology despite the fact that managing and securing data environments has become much more complex, not just because of the exponential growth in structured and unstructured data but because of the vast array of locations where that data is stored. Forty-one per cent of respondents stated that they store data on-premises, 43 per cent rely on public cloud storage, 53 per cent utilise a private cloud, and 44 per cent have adopted a hybrid model (some respondents are using more than one option). 

“In 2022, the fact that any organisation is using technology to manage their data designed in the 1990s is frightening given that data can be compromised, exfiltrated, held hostage, and it can create massive compliance issues for organisations,” said Spanswick. “In this survey, we found nearly 100 respondents who said their organisations are relying on outdated data infrastructure, and this raises the question, how many other businesses are in the same situation around the world?”

What keeps IT and SecOps teams up at night

Respondents highlighted what they believe would be their biggest barriers to getting their organisation back up and running after a successful ransomware attack. The findings are as follows (respondents were asked to check all that apply):

  • integration between IT and security systems (41 per cent)
  • lack of coordination between IT and Security (38 per cent)
  • lack of an automated disaster recovery system (34 per cent)
  • antiquated backup and recovery systems (32 per cent)
  • lack of a recent, clean, immutable copy of data (32 per cent)
  • lack of and timely detailed alerts (31 per cent)

With respect to the lack of coordination between IT and security, this coincides with other findings from this survey, denoting that a gap often exists between IT and SecOps that puts businesses and security postures at risk.

What do survey respondents want management to prioritise

Respondents revealed that modernising data management, protection, and recovery capabilities, in addition to increasing collaboration between IT and SecOps, offers a path to strengthening their organisations’ security postures and multi-cloud operations. The top five “must have” measures that respondents would ask management for in 2022 are:

  • Integration between modern data management and security platforms and AI-powered anomalous data access alerts to provide early warning of attacks in progress (34 per cent)
  • An extensible platform for third-party applications for security operations and incident response (33 per cent)
  • Automated disaster recovery of systems and data (33 per cent)
  • Upgrading from legacy backup and recovery systems (32 per cent)
  • Rapid, organization-wide backup with in-transit data encryption (30 per cent)

“Both IT decision-makers and SecOps should co-own the cyber resilience outcomes, and this includes an evaluation of all infrastructure used in accordance with the NIST framework for data identification, protection, detection, response, and recovery. Also, both teams need to comprehensively understand the potential attack surface,” said Spanswick. “Next-gen data management platforms can close the technology gap, improve data visibility, help IT and SecOps teams sleep better at night, and stay one step ahead of bad actors who take great delight in exfiltrating data from legacy systems that can’t be recovered.”