It is said that the best-run organisations prioritise cybersecurity spending as a business decision first. Gartner’s Hype Cycle for Data Security 2023 reflects the increasing dominance of this approach. As key technologies needed for assessing and quantifying cloud risk mature, we see the continuing emergence of new technologies purpose-built to protect against emerging threats that inevitably arise alongside these new technologies.
One such technology is data immutability – a concept that grew in prominence with the invention of blockchain technology in 2008. It has since gained traction beyond its origins, including in data protection and cybersecurity.
What is data immutability? How does it impact organisations under regulatory compliance? Martin Creighan, vice president of Asia Pacific with Commvault, defines data immutability as the ability of any data to be maintained in a non-fungible or non-replaceable state for a specific duration of time.
“What that means is that enterprises need to save a version of their data that cannot be altered, deleted, or overwritten, and they need that, in the cases where they might be under attack, and they need to be able to recover data,” he elaborated.
Why data immutability
Asked what is driving the interest in data immutability, Creighan points to organisations' desire to be resilient, particularly against cyber threats – more specifically, the persistent threat of ransomware attacks.
IDC says that in 2022, more than 60% of APJ enterprises experienced a ransomware attack. Creighan reckons these attacks result in “colossal legal, financial and reputational consequences for organisations.”
“Organisations have to protect their data against ransomware. If I have to have the capability to recover, then I need to make sure that the data that I'm using to recover from the attack is immutable. I have a copy that has not been tampered with, that has no threats or malware in it, and that I can use to recover and become operational again.”
Martin Creighan
Challenging
Creighan describes mitigating the risks of ransomware as ‘absolutely challenging.’ “Embracing a zero-loss strategy and adhering to the zero-loss principle is ultimately the way that organisations want to proceed to fight,” he opined. “What will help them reduce their cost is centralising to a management platform and gaining end-to-end data visibility to protect their data and their workloads.”
The AI factor
Creighan thinks that, given cybercriminals are already using artificial intelligence to attack organisations, it only makes sense to use the same technology to fight the criminal elements.
He suggests using AI to investigate whether data assets have been tampered with. He believes that organisations can use machine learning, automation and AI to fight against the bad guys who are trying to use AI to get into their organisations.
Creighan claims that CIOs, CISOs and CXOs are interested in the potential of these tools, practices and processes to counter the attacks organisations face daily.
Beyond ensuring compliance with industry and government regulations, Creighan believes that data immutability is also one requirement insurers are looking for when evaluating corporate applications for cyber insurance.
"Combining AI-driven threat detection with data immutability can help organisations meet regulatory requirements. It can help with basically building the integrity and security around your data. It can help with improved trust and reputation in regards to protecting your data and being able to recover using AI."
Fast-tracking the journey to data immutability
Creighan is confident that organisations that now follow data protection strategies like 3-2-1 principles are already on the way to having immutable data sources.
“I think the extra steps that they have to take are then looking at their data, scanning their data, so doing a threat scan across their data, making sure that in both their production, their primary, their secondary, and their off-site – copies are clean,” he added.
From there he suggests the next step is to evaluate the organisation’s air gap – the capability to have an immutable copy offsite, not connected to anything. “A data store that's there to always have your data in a recoverable form,” he explained.
With 2024 just around the corner, he says that organisations should be prepared as the number of threats rises.
"We are going to have to embrace the technology and the basics to make sure that we are doing the small things correctly, and that we have a plan. We are going to have to make sure that we are adhering to the available security frameworks, that we are testing the plan, and that we have the allocated resources and the technology to fight the attacks that are going to increase exponentially as we move into 2024."
Click on the Podchat player to hear Creighan elaborate on how data immutability may support an organisation’s data protection strategy amid evolving regulations in Asia.
- What do you mean by data immutability?
- Why are organisations evolving towards data immutability?
- How can AI be used to detect and prevent ransomware attacks and enhance data immutability within an organisation's data infrastructure?
- In what ways can AI be utilised to identify and flag any attempts to alter immutable data, thus providing a defence against ransomware attacks?
- How can the integration of AI and data immutability technologies help organisations recover from ransomware attacks and ensure that their data remains secure and unaltered?
- What are the potential benefits of combining AI-driven threat detection with data immutability to mitigate the impact of ransomware attacks on an organisation's data assets?
- 2024 is just around the corner. How do you see AI and data immutability evolve in terms of adoption or integration given that cyberattacks will continue to rise in velocity and ingenuity?