New research commissioned by Cohesity has found that the majority of businesses do not have the necessary cyber resilience strategies or data security capabilities required to address today’s escalating cyber threats and maintain business continuity.
Furthermore, cyber resilience efforts are not keeping pace with cyber threats, with data security and recovery technology deficiencies reducing cyber insurance eligibility and increasing the fallout of a successful attack.
In comparing the cyber security outlook for 2023 to 2022, 93 percent of respondents said that they felt the threat of ransomware attacks to their industry had increased in 2023. Alarmingly, almost half of respondents (45 percent) confirmed their business had been the victim of a ransomware attack in the prior six months. Respondents also revealed that their business’ cyber resilience and data security capabilities have not kept pace, with 80 percent expressing concerns about their organization’s cyber resilience strategy and whether it can ‘address today’s escalating cyber challenges and threats’.
Business continuity is critical even when adverse cyber events arise, however, businesses are slow to respond because they lack the capability to recover data and restore business processes quickly. When asked how long their organization would take to recover data and business processes if a cyber attack occurred? Over 95 percent of respondents said that their business would need over 24 hours, 71 percent said it would take more than four days, while 41 percent of respondents said over a week would be required.
Unsurprisingly, two-thirds of respondents (67 percent) lack full confidence that their company could recover their data and critical business processes in the event of a system-wide cyber attack. Diving deeper into cyber resilience and data recovery expectations versus reality, 90 percent of respondents said their business would consider paying a ransom, with 74 percent saying ‘Yes’ their organization would pay, if it meant being able to recover data and business processes, or recover faster.
When asked about the biggest barriers to their organization being able to get back up and running in the event of a successful cyber attack, respondents said their top three challenges were integration between IT and security systems (34 percent), a lack of coordination between IT and security (33 percent) and antiquated backup and recovery systems (32 percent). Further clarity was provided by respondents regarding their ability to secure their data estates, with less than half stating they are confident all their data stored in the cloud (44 percent) or at the edge (42 percent) is secure and protected, and less than 3 in 10 (28 percent) are confident data stored on-premises is secure and protected.
87 percent of respondents said that to help win the war against ransomware, data and cyber security vendors must collaborate to provide complete and integrated anti-ransomware solutions, and nine in ten respondents feel their business would benefit from a data security and management platform that provides insights on their overall security posture and cyber resilience.
About the survey
The findings are based on a survey of 3,409 IT and security operations (SecOps) decision-makers (split as close to 50:50 between the two groups as possible) commissioned by Cohesity, Tenable, and BigID, and conducted by Censuswide. Survey respondents were polled from businesses in Australia, France, Germany, Japan, New Zealand, the United Kingdom, and the United States.
