Nutanix today extended an ability to detect threats that can be addressed by kicking off a recovery process that now takes less than 20 minutes to execute.

Lee Caswell, senior vice president for product and solutions marketing for Nutanix, said this capability shortens a recovery process enabled by Nutanix Data Lens that can now be applied to both file and object-based storage accessed via the Nutanix Unified Storage platform.

Collectively, IT organizations that adopt Nutanix platforms are more resilient in the face of a ransomware attack using more than 5,000 ransomware signatures embedded with Nutanix Data Lens, he noted. The platform also tracks permission structures and audit configurations to enable IT teams to better assess risks.

When anomalous behavior is detected by Nutanix Data Lens, a software-as-a-service (SaaS) platform will generate an alert that provides the ability to revert to the last snapshot where that behavior is not detected via a single click, said Caswell.

As IT operations teams start to assume more responsibility for security operations, they are increasingly adding cybersecurity resiliency to their evaluation criteria for new platforms, noted Caswell. That’s especially critical when reducing the amount of time required to recover from a ransomware attack, he added.

Organizations that require days to recover data are going to be much more likely to pay a ransom in the hopes of recovering the encryption keys needed to access their data. There is, of course, no guarantee an organization will be able to recover their data even if they do pay a ransom, so many of them will need to find an alternative method anyway.

It’s not clear how much influence cybersecurity teams are exercising over the selection of IT platforms, but the more modern the platform, the more resilient it tends to be. Unfortunately, most organizations can’t afford a wholesale upgrade of their IT environment, but as the qualification criteria for cybersecurity insurance becomes more challenging, it may only be a matter of time before upgrades are required.

In the meantime, there appears to be a spike in ransomware attacks as cybercriminals adjust their tactics and techniques to better evade cybersecurity defenses. Most organizations would be well advised to regularly test their backup and recovery process to make sure files have not been corrupted. In addition, it’s not uncommon for cybercriminals to target backup and recovery systems first to disable an organization’s ability to recover.

Efforts to better integrate recovery and cybersecurity have been underway for decades now, but it’s clear the rise of ransomware has finally forced the issue. Cybersecurity teams now view backup and recovery as part of the workflow to defend organizations from attacks.

One way or another, the ability to recover data quickly is going to become a requirement as more stringent regulations go into effect. The challenge is detecting attacks quickly enough to back up as much data as possible in a way that can be easily recovered.