International research by Commvault shows that companies are inadequately prepared for cyber attacks. Backups are a favorite target, and cyber recovery proves to be more complex than traditional disaster recovery processes.
Only 20 percent of companies expect to be able to continue working without interruption after a cyber attack. This is revealed by a global survey commissioned by Commvault, in which 500 IT and security professionals were interviewed. Additionally, only 26 percent indicate they have sufficient confidence in the protection of all critical applications and data.
The majority of respondents (54 percent) experience cyber recovery as more complex than traditional disaster recovery. This is partly due to the need for specialized skills, customized processes, and different technologies. 59 percent find it difficult to find suitable personnel, while this problem is mentioned by only 15 percent for traditional recovery. Moreover, almost half find it more challenging to meet agreed recovery levels.
Backups Often Targeted
Cybercriminals often target backups. In 92 percent of cases, these were involved in the attack; in 13 percent, they were even the sole target. Only 6 percent of companies have a separate cyber recovery plan. Half of the organizations do use different recovery objectives than in classic disaster recovery procedures.
Another bottleneck is the tension between forensic investigation and rapid recovery. 91 percent of respondents call this a challenge. Moreover, 85 percent fear that malware will cause damage again if recovery does not occur in a clean environment.
Cyber attacks often have far-reaching consequences. 42 percent report reputational damage or loss of customers. Nearly as many companies reported that sensitive data was stolen. Legal consequences and financial damage also occur regularly. 23 percent of affected organizations have paid ransom, in some cases multiple times.
The results emphasize that cyber recovery poses different demands than traditional data loss recovery. An integrated approach and collaboration between IT and business leaders are necessary, according to Commvault, to be able to respond resiliently to future attacks.