Repelling A Ransomware Attack: Eric Herzog Of Infinidat On The 5 Things You Need To Do To Protect Yourself Or Your Business From A Ransomware Attack
Ransomware attacks have sadly become commonplace and increasingly more brazen. Huge enterprise businesses, gas pipelines, universities, and even cities have been crippled by ransomware and forced to pay huge ransoms. What can an individual or a business do to prevent and repel a ransomware attack? In this interview series, we are talking to cybersecurity experts who can share insights from their experience and expertise about the “5 Things You Need To Do To Protect Yourself Or Your Business From A Ransomware Attack.” As a part of this series, I had the pleasure of interviewing Eric Herzog, Chief Marketing Officer at Infinidat and an expert in cyber storage resilience.
Thank you so much for joining us, Eric, in this interview series! Before we dig in, our readers would like to get to know you. Can you tell us a bit about how you grew up?
Igrew up in northern California, watching Silicon Valley unleash a technological revolution. At the University of California, Davis, I was on the wrestling team, and I majored in Chinese history. I loved wrestling. I loved a challenge. I knew that I wanted to get into high tech because of the interesting challenges that technology addresses. Tech has changed the world, and I have been part of it since the mid-1980s.
Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.
It was not one thing that led me to believe in the importance of security in IT systems. It was really a series of things. But I do remember a time when I first learned about a company being hacked. It seemed like the cyber criminals were winning. So, I have decided I would help make it harder for cyber criminals to take data hostage and harm an enterprise. I was immersed in traditional backup for years, but now I am on the forefront of next-generation data protection, and I am still motivated to neutralize the impact of cyber criminals because I don’t like the effect that a breach has on a company. I don’t like that cybercrime is costing the world $9.5 trillion in 2024, according to Cybersecurity Ventures.
You are a successful leader. Which three character traits do you think were most instrumental to your success? Can you please share a story or example for each?
Persistence. Courage. The mentality of an underdog that has to prove something. I believe these three things are traits that have helped me to excel. I have had to be persistent to educate the enterprise market about the importance of having cyber storage resilience incorporated into their corporate cybersecurity strategies. I have had to exercise courage by heralding the importance of automated cyber protection that integrates cyber storage into security operation centers and cybersecurity applications. And the mentality of an underdog means that we do whatever it takes to make our enterprise customers successful. We don’t get complacent the way big incumbents tend to do. I try to embody that trait every day.
Are you working on any exciting new projects now? How do you think that will help people?
Yes, we are working on advancements in next-generation data protection, as well as AI models. We are taking data protection to a new level, building on cyber resilience and cyber recovery capabilities, which include immutable snapshots of data, air gapping, fenced forensic environments, and guaranteed SLAs for cyber recovery. We are now uplifting it with InfiniSafe Cyber Detection built into primary storage and transforming cyber with InfiniSafe Automated Cyber Protection.
For the benefit of our readers, can you briefly tell our readers why you are an authority about the topic of Ransomware?
I have spent years leading the charge to enable enterprises to mitigate the impact of ransomware attacks. Not only have I spent decades involved in securing storage infrastructures be that storage management security, data encryption, to cyber storage resilience, but I have also had deep experience with combatting ransomware and malware for the past three years at Infinidat, which has an industry-leading solution for enterprises and cloud service providers to safeguard themselves against these vicious cyberattacks that are so costly. I have also worked with many IT partners that we have on addressing cybersecurity issues related to the storage infrastructure.
Who has to be most concerned about a ransomware attack? Is it primarily businesses or even private individuals?
CIOs, CISOs, IT directors, enterprise data infrastructure managers, and storage administrators are among those who should be most concerned about ransomware attacks. Cyber criminals are increasingly attacking storage infrastructure. For example, these cyber criminals are likely to hack into the IT systems, attack the data backup, and then take the data on the primary storage systems hostage. This is where all the trouble begins. A demand for a ransom payment is made, and the cyber criminals have the leverage to do real harm against an organization. The data could be customer data, financial data, or any other form of sensitive data. The enterprise has a strong incentive to get it back or protect it. Virtually every enterprise is a target for ransomware.
Who should be called first after one is aware that they are the victim of a ransomware attack? The local police? The FBI? A cybersecurity expert?
The U.S. federal government has made it mandatory for any and every organization to report a ransomware attack, or any cyberattack, to the government. But when the ransomware attack has happened, the CIO or CISO should call the person in charge of the cyber storage resilience capabilities because he or she will be the one who knows whether there is a known clean copy of data available. Having a known clean copy of data available, due to immutable snapshots, means that rapid recovery can be done.
If a company is made aware of a ransomware attack, what are the most important things they should do to protect themselves further, as well as protect their customers?
As soon as a ransomware attack is detected, the IT team should make sure that immutable snapshots of clean data have been taken. This should be done automatically, and there are ways to do that through implementing automated cyber protection, which can seamless integrate with their data center-wide SOC or SIEM and SOAR cyber security software. They can air-gap the data and validate it to make sure that it is indeed clean through a step of cyber detection. Once they know it is clean, recovery of the data can be done rapidly. Every enterprise should have a cyber-focused, recovery-first strategy to be prepared for the inevitable ransomware attack.
Should a victim pay the ransom? Please explain what you mean with an example or story.
Absolutely not. Never pay the ransom. But the key to being in a position to confidently never have to pay the ransom is to have the right level of cyber storage resilience and cyber storage recovery built into the data infrastructure. Here’s a story that I see play out over and over: the ransomware attack hits, and then the enterprise is able to utilize cyber storage resilience to isolate the known clean copy of data and recover it near-instantaneously. This nullifies the impact of the cyberattack. The organization turns the situation around for the better. It does not need to pay the ransom. They have the data back. They don’t need the data that the cyber criminals encrypted and corrupted.
领英推荐
What are the most common data security and cybersecurity mistakes you have seen companies make that make them vulnerable to ransomware attacks?
Failure to use immutable snapshots. Failure to have a cyber-focused strategy to secure the storage infrastructure. Failure to automate cyber protection on their storage platforms and integrate enterprise storage with other security applications. Thinking that paying the ransom to cyber criminals is a mistake. Believing that all the network security and end-point security are enough to prevent or mitigate a ransomware attack. Many enterprises are vulnerable to ransomware attacks, but don’t quite know it yet. They have not secured their enterprise data storage infrastructure yet.
What would you recommend for the government or for tech leaders to do to help limit the frequency and severity of these attacks?
The U.S. government could expand the emphasis on cyber storage resilience as part of the NIST framework. Tech leaders can reinforce the fact that primary storage and secondary storage are now attack points for cyber criminals, so enterprises need to make changes to adapt to this elevated threat. They need to incorporate cyber resilience into their cybersecurity strategy.
Ok, thank you. Here is the main question of our interview. What are the “5 Things You Need To Do To Protect Yourself Or Your Business From A Ransomware Attack” and why? (Please share a story or example for each.)
To protect your business, you need to adopt next-generation data protection. Here are the core elements of it:
1 . Use immutable snapshots that cannot be altered or compromised in any way.
2 . Integrate automated cyber protection into your cyber security operations center and/or cyber security applications.
3 . Look for enterprise storage systems that include cyber detection as a built-in function.
4 . Make sure you have capabilities to do logical air gapping and fenced forensic environments.
5 . Pick a cyber resilient storage solution that delivers near-instantaneous recovery.
You are a person of enormous influence. If you could inspire a movement that would bring the most amount of good to the most amount of people, what would that be? You never know what your idea can trigger. :-)
I’d want to inspire a movement of cyber resilient storage being incorporated into every single enterprise in the world, so that ransomware and malware would become a thing of the past because every enterprise would have the capabilities to neutralize those cyberattacks.
How can our readers further follow your work online?
I am very active on social media, continually posting new content on a regular basis. People can follow me on LinkedIn and X. I’d love to connect with readers at @zoginstor and https://www.dhirubhai.net/in/erherzog/
This was very inspiring and informative. Thank you so much for the time you spent with this interview!
Eric Herzog is the CMO at Infinidat. Eric was named one of the “CMOs to Watch in 2024” by the CMO Alliance. He was also selected as one of the Top 10 “2024 CMO/Marketers of the Year” by OnCon. Prior to joining Infinidat, Herzog was CMO and VP of Global Storage Channels at IBM Storage Solutions. His executive leadership experience also includes: Senior Vice President of Product Management and Product Marketing for EMC’s Enterprise & Mid-range Systems Division and CMO and Senior VP of Alliances for all-flash storage provider Violin Memory.