DIY approach to cyber-preparedness has 92% organisations belive that they have efficient data resiliency tools, however 67% of those hit by ransomware were still forced to pay: IDC report commissioned by Druva
Key insights from report include:
- 85% of respondents indicate they have a formal cyber-recovery playbook
- 93% of organizations believe they have partially or fully automated means of recovering the right data
- When it came to paying a ransom, 62% of large organizations paid compared with 72% for midsize organizations and 65% of small organizations
- Even though more than 80% organisations had a plan, that plan failed to yield a fully positive outcome in most cases.
A recent IDC report commissioned by Druva found that 93% of organizations believe they have partially or fully automated means of recovering the right data and 85% of respondents indicate they have a formal cyber-recovery playbook. The high response rate makes clear that some level of effort to create a playbook has been undertaken by the vast majority of organizations. Additionally, 92% of respondents say their data resiliency tools are “efficient” or “highly efficient”. However, the problems aren’t that organizations don’t take cyberattacks seriously or that they don’t try to prepare; they most certainly do both in earnest. The root issues are that companies are using the do-it-yourself (DIY) approach to cyber preparedness that are insufficient and recovery is limited to the experience of those implementing it, many of whom may have no experience with an actual attack response. Hence, only 7.7% of respondents believe their current data resilience efforts are only partially efficient or inefficient and this would indicate that most organizational leaders believe they have the necessary tools in place to meet their data resiliency needs. Utilizing data resilience solutions from cloud providers also frees up IT staff to focus on higher-value activities. Although cyberattacks are top of mind for IT and business leaders, they must not forget the day-to-day need for data resilience and disaster recovery.
Despite of the claims of being prepared for cyberattacks, many plans failed, at least to the extent of achieving the ideal. It is interesting to note that these results were consistent across regions in the world and across company sizes. One might think that large-scale organizations would be better prepared to deal with attacks because they have greater resources and larger staff. However, this survey did not show a significant advantage for larger companies versus smaller companies as 62% of large organizations paid ransom in the last 3 years, compared with 72% for midsize organizations and 65% of small organizations.
Visit the ransomware recovery page of the Druva site to learn more, and discover Druva’s Data Resiliency Guarantee — the industry’s only guarantee of data protection against five key threats — up to $10 million.
IDC White Paper, sponsored by Druva, “You Think Ransomware Is Your Only Problem? Think Again,” doc #US49628322, September 2022.