While ransomware continues to be a growing problem, double extortion ransomware in particular has been growing even more rapidly for organizations. Zscaler’s ThreatLabz has found a nearly 120% growth in double extortion ransomware. Double extortion attacks are devastating for organizations because they involve both the encryption of production data as well as the exfiltration of data. This type of dual-pronged attack not only places organizations at risk for downtime but also regulatory compliance failure from the leakage of sensitive data.
The growth of these attacks and the associated growth of data regulations has raised the importance of data security for organizations. Legacy approaches to backup have been rendered completely useless against double extortion attacks since attackers often encrypt backups and provide little insight into sensitive data exposure. Meanwhile, organizations have turned to Data Loss Prevention (DLP) capabilities as part of a comprehensive zero trust strategy to prevent bad actors and malicious insiders from exfiltrating sensitive data.
Earlier this week at RSA Conference in San Francisco, Rubrik and Zscaler announced a new technology integration and partnership, offering the industry’s first double extortion ransomware solution. The new integration enables smarter and more complete data loss prevention while enabling IT and security teams to more effectively collaborate to combat escalating cyberthreats.
Organizations have historically faced a challenge with identifying sensitive data across their digital estate. Discovering sensitive data has traditionally required siloed and expensive infrastructure to scan production systems and capture metadata. Not only has this siloed and expensive approach placed an extra burden on production systems, but it has also led to increased complexity with additional infrastructure to maintain. Identifying sensitive data has been so cumbersome that the full benefits of data loss prevention initiatives have often not been achieved leaving critical data to end up becoming exfiltrated. That’s exactly why a better approach to sensitive data discovery is essential to preventing data exfiltration from double extortion ransomware.
Rubrik’s unique zero trust architecture directly addresses this challenge by scanning for sensitive data out-of-band from production systems. With this architecture, Rubrik uses secure, immutable backups to identify what types of sensitive data they have, where it lives, and who has access to it. These insights can then be used to easily identify the files that should be used by data loss prevention systems so that data protection policies can be enforced more accurately. This ultimately places valuable data security insights in the hands of even more security and compliance teams to strengthen data protection policies that help prevent the loss of critical business data.
Rubrik is uniquely positioned to partner with Zscaler on defending against double extortion ransomware by addressing both aspects of the dual-pronged attack. Sensitive data insights combined with Zscaler’s data loss prevention innovations help mitigate the risk of data exfiltration. Meanwhile, secure backups ensure that data is readily available for fast recovery should production data become encrypted.
Bipul Sinha, CEO of Rubrik, and Jay Chaundry, CEO of Zscaler recently sat down with Jon Fortt on CNBC Overtime to discuss the role of zero trust solutions in addressing this growing threat of double extortion ransomware. Check out the entire clip here and hear the discussion about why this new partnership is timely as news of unauthorized access and exfiltration of data continues to trend.
Rubrik’s leadership in data-at-rest intelligence and Zscaler’s leadership in data-in-motion security are the perfect example of leaders coming together to deliver smarter and more complete data loss prevention for organizations struggling with double extortion ransomware. To see the new integration between Rubrik and Zscaler in action, check out the demo walkthrough on the Zscaler partner page here and join us for Forward, Rubrik’s annual user conference, where you can find complete cyber resilience with proven cyber recovery. Register for Forward here.