Legacy infrastructure not up to today’s ransomware challenges


A global study commissioned by Cohesity shows that nearly half of respondents say their organization relies on legacy backup and recovery infrastructure to manage and protect their data. In some cases, this technology is more than 20 years old and was developed well before today’s multicloud era and the onslaught of sophisticated cyberattacks that are plaguing businesses worldwide.

Challenges related to legacy infrastructure could easily be compounded by the fact that many IT and security teams appear to have no plan to mobilize if and when a cyberattack occurs. Nearly 60% of respondents expressed some level of concern that their IT and security teams would be able to efficiently respond to the attack.

These are just some of the results of an April 2022 Censuswide survey of more than 2,000 IT and SecOps professionals (nearly 50/50 between the two groups) in the United States, United Kingdom, Australia and New Zealand. All respondents play a role in the IT or security decision-making process in their organizations.

“IT and security teams should sound the alarm if their organization continues to use legacy technology to manage and secure their most important digital asset – their data,” said Brian Spanswick, CISO, Cohesity.

“Cybercriminals prey on this legacy infrastructure, knowing it was not built for today’s distributed, multi-cloud environments, nor was it built to help organizations protect and quickly recover from sophisticated cyberattacks.”

The backup and recovery infrastructure used to manage data could be considered obsolete

Forty-six percent of respondents indicated that their organization relies on a primary backup and recovery infrastructure that was developed in 2010 or earlier. Nearly 100 respondents (94 from 2011) said their business relied on a backup and recovery infrastructure that was built before the new millennium—in the 1990s.

Businesses are embracing this legacy technology despite the fact that managing and securing data environments has become much more complex, not only because of the exponential growth of structured and unstructured data, but also because of the multitude of locations where that data is stored. 41% of respondents said they store data locally, 43% rely on public cloud storage, 53% use a private cloud, and 44% have adopted a hybrid model (some respondents use more than one option).

“In 2022, the fact that every organization is using technology to manage their data that was developed in the 1990s is scary as data can be compromised, exfiltrated, held hostage and this leads to massive compliance issues for organizations,” said Spanswick.

“In this survey, we easily found close to 100 respondents who indicated their organizations depend on legacy data infrastructure, and this begs the question, how many other organizations around the world are in the same situation?”

What keeps IT and SecOps teams up at night

Respondents highlighted what they believe are the biggest obstacles to getting their business up and running again after a successful ransomware attack. The results are as follows (respondents were asked to tick all that applied):

  • Integration between IT and security systems (41%)
  • Lack of coordination between IT and security (38%)
  • Lack of an automated disaster recovery system (34%)
  • outdated backup and recovery systems (32%)
  • Lack of a current, clean, immutable copy of the data (32%)
  • missing and timely detailed alerts (31%)

Regarding the lack of coordination between IT and security, this aligns with other findings from this survey, which indicate that there is often a gap between IT and SecOps that puts business and security positions at risk.

What do survey participants want to prioritize from management?

Respondents indicated that modernizing data management, protection, and recovery capabilities, along with increased collaboration between IT and SecOps, offers a path to strengthening their organizations’ security posture and multicloud operations. The top five “must-have” actions respondents would want management to take in 2022 are:

  • Integration between modern data management and security platforms and AI-powered alerts on anomalous data access to provide early warning of ongoing attacks (34%)
  • Extensible platform for third-party applications for security operations and incident response (33%)
  • Automated disaster recovery of systems and data (33%)
  • Upgrading from legacy backup and recovery systems (32%)
  • Fast, enterprise-wide backup with data encryption in transit (30%)

“Both IT decision makers and SecOps should endorse the cyber resilience findings, and that includes an assessment of the overall infrastructure used for data identification, protection, detection, response and recovery in accordance with the NIST framework. Also, both teams need to have a thorough understanding of the potential attack surface,” Spanswick said.

“Next-gen data management platforms can bridge the technology gap, improve data visibility, help IT and SecOps teams sleep better at night, and stay ahead of bad actors who take great delight in exfiltrating data from legacy systems, those who cannot recover.”


Comments are closed.