In recent times, too many cyber security incidents have wreaked havoc for organizations. In most cases, these organizations were not prepared to deal with cyber attacks. Notably, they did not have sufficient data protection such as reliable backup and recovery capabilities, giving CISOs sleepless nights.
In fact, two years into the pandemic, the disconnect between business expectations and IT’s ability to deliver continues to grow bigger, according to the Veeam Data Protection Trends Report 2022, which found that 89% of organizations are not protecting data sufficiently.
In recent months, a host of new and evolving cyber security threats has the IT security industry on high alert. Talking to CXOToday on the evolving threat landscape, Dave Russell, Vice President of Enterprise Strategy, Veeam Software, said, “While sophisticated cyber attacks involving malware, phishing, crypto and other attacks have placed the data and assets of organizations and individuals at constant risk, one can prevent a lot of common attacks and keep their online accounts a great deal safer just by using better passwords. So if you are looking for a way to improve your cyber security, password security and a strong backup is where you should start.”
Studies have shown that data growth [since 2020] has more than doubled as people have explicitly embraced remote working and cloud-based services. As a result of this the risks associated with data protection has also grown manifold.
According to Russell, “Many companies have relied on legacy backup services which took a long time to get systems back up and running again. Moreover, remote working has exposed both individuals and businesses to a range of cyber security risks.”
While organizations are aware of these challenges and are investing in security, they often fall short in delivering the protection users need, he said.
The report comes up with some interesting findings that hint at how enterprise data protection challenges are immense and becoming increasingly diverse. Cyber attacks have been the single biggest cause of downtime, with 76% of organizations reporting at least one ransomware event in the past 12 months. Not only is the frequency of these events alarming, so is their potency.
For every attack, organizations were unable to recover 36% of their lost data, proving that data protection strategies are currently failing to help businesses prevent, remediate and recover from ransomware attacks.
Human errors are far too common, showed the study, as 46% of respondents experienced cases of administrator configuration error, while 49% were hindered by accidental deletion, overwriting of data or corruption caused by users.
What’s even more alarming is that despite backup being a fundamental part of any data protection strategy, 18% of global organizations’ data is not backed up — therefore, completely unprotected.
Only 25% of organizations utilize orchestrated workflows to reconnect resources during a disaster, while 45% run predefined scripts to reconnect resources running remotely in the event of downtime and 29% manually reconfigure user connectivity.
“Virtually all respondents (as seen from the research) believed there was an “availability gap” between the SLAs expected and how quickly IT can return to productivity, and also a “protection gap” between how much data they can afford to lose and how often data is protected,” said Russell.
Russell also said that the worldwide shortage of skilled cyber personnel has a direct and significant impact on organizations and their ability to protect themselves.
The report further highlighted that 95% of Indian organizations experienced unexpected outages within the last 12 months. According to Veeam’s Data Protection Trends Report, 84% of Indian organizations suffered ransomware attacks, making cyber-attacks one of the single biggest causes of downtime for the second consecutive year.
““The accelerated adoption of digital technologies in the last two years has severely impacted the cyber security landscape resulting in a spike in the number of organizations having witnessed cyberattacks,” Sandeep Bhambure, Vice President, Veeam Software – India & SAARC commented on the report.
Despite all odds, however, Bhambure stated that business leaders have recognized the need and significance of Modern Data Protection. IT leaders are now motivated to invest in Modern Data Protection solutions to reduce downtime and data loss (17%) and improve the economics of their solution (25%).
As cyber-threat landscape continues to expand and become more sophisticated, CXOs must invest in a strategy that plugs the gaps they already have and keeps pace with rising data protection demands.
Good news is, organizations said they will spend around 6% more annually on data protection than broader IT investments, especially on cloud-based security and robust solutions at the lowest possible cost.
According to Russell, “Working in a hybrid work environment, data protection is a prerequisite for all organizations today. Any organization that does not prioritize or has a proper data protection strategy in place is likely to head towards a very risky path.”
“It is therefore important for every company to prepare for data protection and recovery processes so that they can get up and move on quickly even after an attack,” he summed up.