Cyber Connection Between Enterprise Storage and NIST Cybersecurity Framework>
Storage Newsletter – Eric Herzog
The article discusses the growing threat of malware and ransomware attacks against storage management systems.
Malware is any program that is designed to harm, corrupt, or disrupt a system or device, while ransomware is a type of malware that encrypts stored data and demands a ransom to restore access.
These types of attacks can be devastating for businesses, as they can cause significant financial losses due to the cost of recovering data and systems, as well as loss of customer trust and reputational damage.
To mitigate these risks, organizations need to take proactive measures to secure their storage management systems against malware and ransomware attacks.
This includes implementing strong authentication and access controls, regularly patching and updating systems, and using antivirus and anti-malware software to detect and prevent attacks.
However, even with these measures in place, there is still a risk of data breaches through storage.
Attackers can corrupt data by modifying files or databases, tampering with log and audit data, and hiding their presence in an enterprise’s infrastructure for a year without being detected.
In some cases, they may even be able to bypass security measures altogether.
To protect against these types of attacks, organizations need to implement cybersecurity best practices for storage management systems.
This includes using immutable snapshots, which are secure and unchangeable copies of data that can be used for testing, validation, and recovery.
Logical isolation is also important, as it allows IT teams to create a fenced forensic network that is completely private and isolated from the rest of the enterprise network.
The NIST Cybersecurity Framework provides guidance on implementing these best practices and more, including functions for identifying, detecting, protecting, responding, and recovering from cyberattacks.
The framework also includes implementation tiers that help organizations understand their current level of security and identify areas where they can improve.
By following the NIST Cybersecurity Framework (NIST 800-209) and implementing other best practices for storage management systems, organizations can significantly reduce their risk of data breaches through storage, protect their sensitive data against malware and ransomware attacks, and maintain strong cyber resilience across all aspects of their IT operations.
Link: https://www.storagenewsletter.com/2024/02/14/cyber-connection-between-enterprise-storage-and-nist-cybersecurity-framework