Orgs unprepared for threats to Kubernetes environments

Despite growing adoption of Kubernetes environments within the enterprise, the majority of businesses are unprepared for the risk of ransomware attacks to these environments, according to Veritas.

Research from the cloud security company found that nearly a third of organisations are already relying on Kubernetes, with 85% expecting to be using the technology within the next 2–3 years.

But although 94% of organisations acknowledge the risk of ransomware attacks on Kubernetes environments, only 30% of adopters have tools in place to protect against these and other data loss incidents.

The survey of 1100 senior IT decision-makers from markets including Australia found that the majority (56%) of organisations who had deployed Kubernetes had already experienced a ransomware attack on their containerised environments.

The research also suggests that the majority of organisations are failing to extend their existing data protection environments to their containerised environments, and are instead relying on standalone products for some or all of their Kubernetes protection.

But respondents universally recognised the potential benefits of an integrated data protection environment, the survey found. The biggest risks associated with siloed environments include complicating the process of restoring data after a data loss incident and the higher cost of deploying and managing multiple solutions.

Organisations do expect to be able to better protect their containerised environments over time, with 19% predicting that ransomware will not be an issue for these environments five years from now.

This is in part because organisations expect to be spending an average of 68% more in this area in five years’ time than they do today, with 54% expecting that future investment will leave them very well prepared for ransomware attacks by this time.

Veritas MD for ANZ Pete Murray said this last finding is a positive sign for local organisations.

“It’s clear that Australian organisations understand the value of protecting the mission-critical data that they’re using in their Kubernetes environments. While it seems they’ll eventually get the protection that they need, it is imperative for them to strengthen their cyber resiliency before more and more ransomware variants emerge over that time to target Kubernetes and take advantage of this Achilles heel,” he said.

“Too many organisations are missing the simple solutions to extend their current data protection platforms to their Kubernetes environments today, leaving them in an unenviably vulnerable position.”

Image credit: ©stock.adobe.com/au/LuckyStep