Staying ahead of ransomware attacks isn’t as simple as deciding between keeping your security infrastructure constantly updated or paying the malware ransoms if and when attacks happen.

That, in a nutshell, is the modern-day SecOps dilemma. Whether as a weapon of war, a source of leverage or a money-making medium, ransomware-as-a-service seems to be here to stay.

“With ransomware as a service, you’re essentially having very sophisticated folks create very complex ransomware code and distributed it to people who are willing to pay for it — and oftentimes take a part of the ransom as their payment,” said Gil Vega (pictured), chief information security officer at Veeam Software Corp. “The issue with ransomware is the age-old question, are you going to pay a ransom or are you not going to pay a ransom?”

Vega spoke with Dave Vellante, host of theCUBE, SiliconANGLE Media’s livestreaming studio, during this year’s VeeamON event. They discussed the modern SecOps landscape, including contemporary issues surrounding the protection of sensitive corporate and government data from threats within and without. (* Disclosure below.)

Navigating a delicate minefield

In discussing the current SecOps landscape, Vega pointed out the various complications the U.S, as well as many of its prominent companies and businesses, face when it comes to data protection.

First, from a public sector standpoint, it’s not advisable for the U.S to go toe-to-toe with foreign malware merchants as these confrontations often boil down to what party has more to lose. Secondly, the guidelines that government agencies, such as the FBI and Treasury Department, have given private companies advise against paying any such malware ransoms because doing so might well encourage future attacks.

It wasn’t all doom and gloom, however, as Vega also laid out a roadmap for the preemptive data protection practices currently being implemented at Veeam. The NIST Cybersecurity Framework is at the heart of the company’s cybersecurity efforts and represents a doubling down on the “Zero Trust” data security approach.

Veeam’s upgraded Backup & Replication v11 is charting a new path in the implementation of continuous data protection, support for disaster recovery, backup as a service, and support for prominent cloud repositories, such as Azure and AWS S3 Glacier, according to Vega.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of VeeamON 2021. (* Disclosure: TheCUBE is a paid media partner for VeeamON. Neither Veeam, the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE