CXOInsights by CXOCIETY

PodChats for FutureCIO: Fixing vulnerabilities and misconfigurations before they happen

October 05, 2023 CXOCIETY | FutureCIO FutureCFO FutureIoT Season 4
CXOInsights by CXOCIETY
PodChats for FutureCIO: Fixing vulnerabilities and misconfigurations before they happen
Show Notes

Continuity's State pf Storage and Backup Security Report 2023 reveals that on average there are 14 security risks found in a typical enterprise storage and backup system. Out of the 14 risks, 3 are high or critical risks.

In the past two years, online backups were frequently targeted as part of ransomware attacks. This led to data being deleted or made otherwise unusable to prevent recovery of now-encrypted primary data. Our recommendation is to maintain an immutable, preferably offline copy of backups and test them regularly to ensure viability.

The report concluded that there remains a lack of hardening both in backup environments and storage systems themselves. 

Pure Storage CTO and VP for APJ Matthew Oostveen joins us on this podchat to help us fix storage vulnerabilities and backup misconfigurations before they happen.

1.       Can you name common prevailing myths around Storage, Backup, And Data Recoverability?

2.       Can you identify the three most common storage vulnerabilities in Asia including perhaps backup misconfigurations that leave organisations vulnerable to cyberattacks?

3.       Why are organizations failing to address data backup security risks?

4.       Traditionally backups and recovery fall under the CTO. Given the rise in cyberattacks targeting backups, why should the CISO get involved in data backups? 

5.       Will the adoption of AI and ML tools in backup and recovery processes simplify or strengthen an organisation's security posture?

6.       Can you provide 3 tips to enhance backup and recovery processes to reflect the hybrid workspace that is the norm today?

7.       2024 is almost here. What's your expectations as it relates to backup and recovery technologies and practices, and your advise for responsible members of the organization as it relates to keeping of threats and staying in line with what's available or coming?