Summary
This technical report discusses the critical importance of securing storage and backup systems within the financial services sector. It outlines the current landscape of data security, particularly in light of the increasing sophistication of ransomware attacks. The report highlights that many Chief Information Security Officers (CISOs) may not prioritize storage and backup security, despite its significance. It presents findings from a recent research report indicating that a majority of security leaders recognize the potential catastrophic impacts of storage attacks but lack confidence in their recovery capabilities. The document proposes a four-step approach for improving storage and backup security, which includes education on existing technologies, defining security baselines, implementing necessary controls, and maintaining ongoing risk management. The report emphasizes the need for CISOs to engage with IT infrastructure teams to address these pressing security challenges effectively.
