In a release, the company, which provides data management in on-premises, cloud and SaaS environments, referenced results of a study released this month conducted by research firm Enterprise Strategy Group (ESG) on its behalf.
A key finding revealed that a mere 12 per cent of IT directors surveyed indicated confidence in having the proper tools and necessary location agnostic protection to secure on-premises and cloud.
“In surveying enterprise IT directors with direct knowledge and influence on their company’s data security strategies, the results we found were eye opening,” said Jon Oltsik, senior principal analyst at ESG. “It is very clear that many IT teams do not have adequate tools in place to detect ransomware attacks on production environments early enough in the attack chain to neutralize stealthy cyber-attacks before they cause harm.
“Ransomware has revolved around encryption for a long time, but newer extortion techniques like exfiltration go beyond rapidly spreading malware, and data recovery alone cannot help if sensitive business data is leaked to the dark web.”
With ThreatWise, Commvault said it can now provide an early warning that “uses decoys to proactively bait bad actors into engaging fake resources, spot threats in production environments and arm businesses with tools to keep data safe.”
In addition, the company said it is also extending its machine learning and critical threat detection and security capabilities to its recently released Commvault Platform Release 2022E, which is available now.
Ranga Rajagopalan, the firm’s senior vice president of products, said that “data recovery is important, but alone not enough.
“Just a few hours with an undetected bad actor in your systems can be catastrophic. By integrating ThreatWise into the Metallic SaaS portfolio, we provide customers with a proactive, early warning system that bolsters their zero-loss strategy by intercepting a threat before it impacts your business.”
In a blog introducing ThreatWise, Steve Preston, vice president of Metallic Security, which developed the service, wrote that “no customer boundary is impenetrable. It’s not a matter of if an attacker gets in, but when. With intelligent cyber deception, businesses can effectively identify, slow, and contain attackers early – before they reach their targets or compromise data.
He added that legacy deception solutions employ antiquated approaches, where customers typically face trade-offs: “Some opt for honeypot-based technologies which are focused on helping businesses learn from bad actors and their tactics. While valuable, these solutions are complex, take time to deploy, consume IT resources (licenses, compute, etc.), and are difficult to scale.
“Others have leveraged lure or token-based solutions, which are simple and scalable, but not robust and deliver a low-level of interaction from bad actors.”
ThreatWise, wrote Preston, “applies a unique approach to deception that takes the best of both worlds; one that interacts with, deceives, and surfaces bad actor attempts in sophisticated ways, without the restrictions, burden, or resource constraints of traditional deception solutions.”