Future-proof your business with a cyber resilience strategy
Rachel Torrence
September 3, 2025

In July 2025, Microsoft issued an advisory warning that a SharePoint vulnerability had been discovered and was being actively exploited. More than 9,000 organizations worldwide using SharePoint Server have been affected by this security breach. Attackers used server-side privileges to tamper with the machine keys and bypassed authentication methods to carry out the attacks.

SharePoint is a core system for many companies, and if it is compromised, not only will sensitive company data be leaked, but the entire business process might be paralyzed.

This incident highlights the need to reevaluate and optimize existing data protection strategies. Only a comprehensive, multi-layered cybersecurity strategy can safeguard corporate data and ensure business continuity.

How a multi-layered defense strategy can help enterprises face a crisis

Take the recent Microsoft SharePoint incident as an example: the attackers didn’t attack directly; they exploited a security loophole to steal credentials and then infiltrate the SharePoint system. Companies serious about resisting cyberattacks can no longer rely only on firewalls or antivirus tools.

Instead, organizations must take a multi-layered security approach to safeguard their data and systems. This includes endpoint security, network segmentation, data encryption, access controls, behavioral detection, and backup methods. Businesses must also impose strict requirements on the vendors they work with, to ensure that suppliers also meet cybersecurity standards, regularly undergo security assessments and audits, and establish clear security compliance regulations.

The key to cyber resilience: Business continuity and data recoverability

Despite their importance as part of a cybersecurity strategy, backups are often deprioritized by IT teams. However, backups are the last line of defense during an attack. When all else has failed and your data is encrypted or even deleted, backups are the only way a business can restore its operations. To strengthen its cyber recovery strategy, a company must back up all operational data, strengthen its data isolation methods, and verify backup recoverability on a regular basis.

Enterprises today operate with a diverse range of platforms and tools, and any workload that remains unprotected may become a vulnerability waiting to be exploited by ransomware. When platforms and the data stored on them are linked together, companies must ensure that no backups are left behind by including each backup source and device within their backup strategy.

Implementing a cyber-resilient system is necessary because businesses cannot rely on only one defense mechanism. Synology recommends companies leverage data isolation techniques such as immutability and offline backups. Immutable backups ensure that data cannot be changed or deleted during the retention period, which reduces the risk of backup servers being targeted by attackers. Offline backups are physically isolated and cannot be accessed from external networks, which reduces the risk of ransomware infiltration as well as the risk of security loopholes caused by human error.

Merely backing up your data isn’t enough. The key is to verify data usability. Companies that do not verify the integrity of their backups risk being unable to restore them when needed, even though the backups exist. Organizations should implement backup verification and disaster recovery drills as standard operations and use solutions that come with built-in support for these features to recover operations immediately in the event of a ransomware attack.

Cybersecurity authorities such as NIST and CISA regularly publish extensive frameworks and checklists which highlight the measures organizations can take to prevent incursions. An essential aspect of cybersecurity is for IT teams to engage in regular audits of their cybersecurity and disaster preparedness strategy, using these frameworks as a guide. In both the NIST Cybersecurity Framework and the CISA CPG Checklist, recovery is included as a major aspect of cybersecurity, on equal footing with the identification of risks, protection against threats, and response to known incidents. To prevent disastrous data loss and ensure complete protection for vital company systems, it is essential to place equal priority on comprehensive backup and recovery strategies.