Veritas Technologies, a multi-cloud data management leader, released the findings of a new survey demonstrating that the majority of businesses are unprepared to deal with threats to their Kubernetes settings. According to the study, Kubernetes is being rapidly deployed into mission-critical environments in corporations worldwide, with 90% of companies planning to use the technology in the next two to three years and nearly half already doing so. However, only 35% of companies that have used Kubernetes have solutions in place to guard against data loss situations like ransomware.
The study found that 43% of organisations that have installed Kubernetes had already experienced a ransomware assault on their containerised environments, and that 96% of respondents claimed that ransomware attacks on Kubernetes environments are an issue for their organisations today.
Andy Ng, Vice President and Managing Director, Asia South and Pacific Region at Veritas, said: “As organisations diversify their IT applications in response to accelerated digital transformation, the need to quickly innovate at scale while maintaining a strong IT security posture is paramount. Kubernetes has emerged as a convenient solution, as it is easy for enterprises to deploy, and quickly improves affordability, flexibility and scalability. However, the data protection strategies in Kubernetes environments have not evolved in parallel with deployment. With close to two-thirds of their mission-critical Kubernetes environments completely unprotected from data loss, Kubernetes has become the Achilles heel in the organisation’s ransomware defence strategy.”
Siloed solutions
Organisations are missing the opportunity to deliver rapid protection to these at-risk data sets by failing to extend their existing data protection from their traditional workloads out across their containerised environments. Just 44% of organisations are currently following this model while the rest are complicating their protection environments with stand-alone products for some of their Kubernetes protection. They are doing this despite the fact that all respondents believe that there would be benefits to taking an integrated approach. This could be because 32% of respondents said that they know little or nothing about solutions that could protect data across traditional, virtual and Kubernetes environments.
The research identified the biggest risks associated with siloed data protection solutions as ‘a more complex or lengthy data restore process after a data-loss incident’ and ‘increased time required to manage multiple solutions’. Meanwhile the most compelling reasons amongst respondents for adopting a single solution to protect data against data loss and ransomware attacks were ‘a simplified restore process’ and ‘a single place to manage protection data’.
More protection in the future
According to the study, companies anticipate to be able to better safeguard their Kubernetes settings over time, with 15% of companies anticipating that ransomware will not be a problem in five years. This coincides with a greater emphasis on the deployment of data protection solutions for containerised data. 98% of companies plan to have data protection in place for their mission-critical Kubernetes systems in five years. In the next five years, 59% of organisations intend to invest more in their security infrastructures, making them "extremely well equipped" for ransomware attacks on Kubernetes settings.
Ng continued: “The rise of a hybrid working world has created the demand for multi-cloud flexibility, with an increased deployment of Kubernetes. As organisations seek to realise the full benefits of Kubernetes, cyber criminals are also relentlessly targeting Kuberbetes as a potential breach point. It is imperative for organisations to strengthen their cyber resiliency, before more and more ransomware variants emerge over that time to target Kubernetes and take advantage of this Achilles heel.”