Page 121 - Cyber Defense eMagazine RSAC Special Edition 2025

The Current Threat Landscape

            Cybersecurity experts have seen a significant surge in cyber activities, primarily focused on obtaining
            credentials, gaining access, and manipulating or removing data. These activities often culminate in
            ransomware or other catastrophic attacks, forcing your business to recover and potentially even pay a
            ransom.

            What’s more, the threat landscape has evolved to a point where many attackers are now using AI to
            make their attacks easier. For instance, AI-generated phishing emails can now mimic trusted figures like
            CEOs, making the attack more convincing and harder to detect.

            Backup operations are particularly attractive targets for these threats. Sophos' 2024 State of
            Ransomware report reveals that 94% of cyber attacks also attempt to compromise backup. Some
            ransomware gangs and variants like LockBit specifically target backup environments. A recent attack on
            UnitedHealthcare, a company that typically fends off an attack every 70 seconds, managed to freeze
            large portions of its IT infrastructure, including backup systems.

            While the zero-trust approach is crucial in securing enterprise backup environments, it has limitations.
            On its own, zero trust is not enough to protect backup against these sophisticated threats.



            Things Have Changed

            In the past, once users passed initial security checks, they were trusted forever. They could access any
            resource in the network without ever being verified again. But the modern IT landscape — with its cloud
            computing, mobile workforces, and distributed systems — has rendered this approach obsolete. We can
            no longer rely on a single digital or physical barrier for protection. Because attackers can easily
            compromise user credentials and move laterally within the network, continuous verification is now a must.

            Consequently, the access control methods that were effective a decade ago will no longer cut it.



            The Concept of Zero Trust — Never Trust. Always Verify.

            A zero-trust security model requires authentication for every single access request every time, no matter
            how many times the credentials have been verified before. The point of this “never trust; always verify”
            approach is to limit security exposure, minimize the number of attacks, and reduce the impact when they
            occur. That’s why zero trust belongs in every IT and data protection strategy.



            Special Considerations for the Backup Environment

            The backup environment poses unique security challenges that make it ideal for the zero access
            approach.







