Singapore – Commvault, a top provider of cyber resilience and data protection solutions for the hybrid cloud, has partnered with research firm GigaOm to release the 2024 Cyber Recovery Readiness Report. This comprehensive global survey of 1,000 security and IT professionals across 11 countries addresses a crucial question: “What can businesses do to become more resilient in the face of cyberattacks?”
The report identifies five key capabilities, or resiliency markers, that significantly enhance companies’ ability to recover quickly from cyberattacks and reduce the frequency of breaches. These markers were distilled from extensive analysis of survey data, which covered topics such as breach frequency, resilience technology deployment, and data recovery speed. The resiliency markers are:
- Early Warning Security Tools: Systems that provide early risk warnings, including insider threats.
- Clean Dark Site: A secondary system known to be free of infections.
- Isolated Immutable Data Storage: An environment to store unchangeable copies of data.
- Incident Response Protocols: Clearly defined runbooks, roles, and processes.
- Cyber Recovery Readiness Measures: Specific steps to ensure preparedness and manage risk.
Key Findings and Insights
The survey highlighted significant disparities in cyber resilience based on the number of resiliency markers deployed:
- Faster Recoveries: Organizations classified as cyber mature—those with at least four resiliency markers—recovered 41% faster than those with zero or one marker.
- Fewer Breaches: Cyber mature companies reported fewer breaches compared to their less prepared counterparts.
- Increased Confidence: 54% of cyber mature organizations were fully confident in their ability to recover from a breach, versus only 33% of less prepared firms.
- Frequent Testing: 70% of cyber mature organizations tested their recovery plans quarterly, compared to 43% of those with fewer markers.
Chris Ray, Cybersecurity Analyst at GigaOm, emphasized the importance of comprehensive cyber preparedness. “One of the key findings from the research is that in order to truly advance cyber preparedness, organizations can’t cut corners. We saw significant disparities in resilience between organizations that deployed one or two of the resiliency markers versus four or five,” Ray said. “It’s critical that organizations think about resiliency in layers. Less than 85% of respondents surveyed do that today. This needs to rapidly change if companies want to be resilient and have the upper hand against bad actors.”
Tim Zonca, VP of Portfolio Marketing at Commvault, stressed the importance of modern testing practices. “As we drill down into these cyber capabilities, key practices are emerging as fundamentally critical to any cyber preparedness strategy, and testing for cyber recovery readiness is one of them. Companies that just focus on testing for disaster recovery are missing the boat. Given the evolving nature of cyber threats, frequent and modern testing practices for cyber recovery are essential so environments are not re-infected and recovery processes are robust,” Zonca stated.
