In a bid to enhance its extended detection and response (XDR) solution, Cisco, the enterprise networking and security vendor, has introduced new ransomware recovery features. These features aim to provide near real-time recovery for businesses following a ransomware attack, reducing downtime and enabling enhanced levels of business continuity.
The increasing prevalence of ransomware attacks has made effective and timely recovery a critical challenge for businesses across various industries. During the second quarter of 2023, the Cisco Talos Incident Response (IR) team witnessed the highest number of ransomware engagements in over a year. This surge in attacks is further substantiated by the recent ReliaQuest Ransomware & Data-Leak Extortion report, which revealed a significant rise in ransomware activity during Q2, with a record-breaking number of victims being named to ransomware data-leak sites.
To address these cybersecurity threats, Cisco has developed new capabilities within its XDR solution. These capabilities enable security operations center (SOC) teams to automatically detect, snapshot, and restore business-critical data at the first signs of a ransomware attack. By taking immediate action, businesses can potentially prevent the lateral movement of ransomware through their networks, safeguarding high-value assets and minimizing the impact of the attack.
Jeetu Patel, Executive VP and General Manager of Security and Collaboration at Cisco, highlighted the need for a platform approach to counter the exponential growth of ransomware and cyber extortion. Patel emphasized the importance of building a resilient and open cybersecurity platform that can withstand ransomware assaults and recover with minimal impact, ensuring uninterrupted business operations.
In addition to the new ransomware recovery features, Cisco is expanding its range of third-party XDR integrations. The company has now included Cohesity’s DataProtect and DataHawk solutions in its integrations, broadening the scope of the XDR solution. Cohesity’s products offer configurable recovery points and recovery for systems under a protection plan. The integration with XDR enhances these capabilities by preserving potentially infected virtual machines for future forensic investigations, while simultaneously safeguarding data and workloads in the rest of the environment.
With the introduction of these new features and expanded integrations, Cisco aims to provide businesses with a comprehensive cybersecurity platform that combats ransomware attacks and enables swift recovery. By detecting and addressing ransomware at its early stages, businesses can minimize the disruption caused by these attacks and ensure the continuity of their operations.
As the threat landscape continues to evolve, organizations must remain vigilant and proactive in their cybersecurity measures. Cisco’s XDR solution, with its ransomware recovery features and expanded integrations, offers businesses the tools they need to mitigate the impact of ransomware attacks, safeguard critical data, and maintain operational resilience.