Enterprise networking and security vendor Cisco has announced the addition of new ransomware recovery features to its extended detection and response (XDR) solution. The announcement brings near real-time recovery for business operations after a ransomware attack, according to the firm. The capabilities reduce the time between the beginnings of a ransomware outbreak and capturing a snapshot of business-critical information to enable enhanced levels of business continuity, the firm said.\n\nCisco also announced that it is expanding its set of third-party XDR integrations to include leading infrastructure and enterprise data backup and recovery vendors.\n\nEffective and timely ransomware recovery can be challenging for a range of business amid an increasingly dangerous ransomware landscape. During the second quarter of 2023, the Cisco Talos Incident Response (IR) team responded to the highest number of ransomware engagements in more than a year. Likewise, the latest ReliaQuest Ransomware & Data-Leak Extortion report revealed a large surge in ransomware activity in Q2. This quarter set the record for the most victims ever recorded being named to ransomware data-leak sites, an increase of 540 victims compared to the previous quarter, according to the research.\n\nNew capabilities detect business-critical data at first signs of ransomware attack\n\nThe new capabilities in Cisco XDR allow security operations center (SOC) teams to automatically detect, snapshot, and restore the business-critical data at the very first signs of a ransomware attack, often before it moves laterally through the network to reach high-value assets, Cisco said in a press release.\n\n\u201cThe exponential growth of ransomware and cyber extortion has made a platform approach crucial to effectively counter adversaries,\u201d said Jeetu Patel, executive VP and general manager of security and collaboration at Cisco. \u201cOur objective is to build a resilient and open cybersecurity platform that can withstand ransomware assaults and recover with minimal impact, ensuring uninterrupted business operations.\u201d\n\nCisco XDR integrates Cohesity\u2019s recovery functions\n\nCisco is also expanding its initially released set of third-party XDR integrations to include Cohesity\u2019s DataProtect and DataHawk solutions, it said. Cohesity\u2019s products provide configurable recovery points and recovery for systems assigned to a protection plan. The new features enhance this core functionality by preserving potentially infected virtual machines for future forensic investigation, while simultaneously protecting data and workloads in the rest of the environment, according to Cisco.\n\nCohesity\u2019s engineers worked alongside Cisco technical teams to adapt data protection policies to offer organizations a stronger security posture. This complements Cisco XDR\u2019s detection, correlation, and integrated response capabilities and will enable customers to benefit from accelerated response for data protection and automated recovery, the vendor claimed.