More on News
Commvault, a prominent provider of data protection and cyber resilience solutions for hybrid cloud organizations, has unveiled a comprehensive IDC report titled “The Cyber-Resilient Organization: Maximum Preparedness with Bullet-Proof Recovery Survey.”
This report presents the findings of a survey conducted by IDC, which involved over 500 security and IT operations leaders from across the globe. The objective was to gauge the current landscape of how organizations perceive contemporary security threats and approach the concept of cyber resilience. The key findings from this study can be divided into three significant areas: the involvement of C-level executives in cyber preparedness initiatives, concerns about data loss and vulnerable workloads, and the pressing need for automation in cybersecurity strategies.
“Cyber attackers never rest and are constantly discovering ways to exploit vulnerabilities. A truly effective cyber resilience strategy must go beyond just backup and recovery. Organizations must adopt a new approach that spans prevention, mitigation, and recovery,” said Phil Goodwin, Research Vice President, Infrastructure Systems, Platforms and Technologies Group, IDC. “Whether on-premises, in the cloud, or a hybrid environment, they must integrate multiple layers of defense. With AI now a tool for both defense and offense, the urgency for comprehensive cyber resilience has never been more evident.”
The research brings to light a notable discrepancy in the level of engagement of senior executives and line-of-business leaders in their company’s cyber preparedness initiatives. The survey reveals that merely one-third (33%) of CEOs or managing directors and less than a quarter (21%) of other senior leaders exhibit active involvement in these initiatives. Even more concerning is that most senior leaders (52%) have no role in their company’s cyber preparedness efforts.
Furthermore, the study highlights the confusion between IT Operations (ITOps) and Security Operations (SecOps) teams concerning their respective roles in cyber preparedness. A mere 30% of SecOps teams fully understand the roles and responsibilities of ITOps in this regard, and similarly, only 29% of ITOps teams have a comprehensive understanding of SecOps’ contributions.
IDC emphasizes the critical role that business leaders should play in ensuring organizations prioritize cyber preparedness. Additionally, it underscores the significance of fostering complete alignment between ITOps and SecOps teams to fortify an organization’s defenses against cyber threats.
A staggering 61% of survey respondents believe that data loss within the next year is “likely” to “highly likely” due to increasingly sophisticated cyberattacks. Interestingly, the survey participants perceived on-premises workloads as more vulnerable than cloud-based workloads. On a scale of 1 to 5, where 5 indicates high vulnerability, on-premises data repositories scored 2.8, while physical workloads earned a rating of 2.77, surpassing cloud workloads’ vulnerability, which scored 2.67.
The research underscores that data exfiltration attacks, where unauthorized data transfers occur, transpire nearly 50% more often than encryption attacks aimed at decoding encrypted data. Respondents rated Phishing attacks as the most concerning threat, mainly because most ransomware attacks initiate a successful assault on user credentials.
As cyber attackers continue to employ increasingly sophisticated tactics, reliance on manual detection and reporting processes often falls short, leading to missed anomalies and successful cyberattacks. Automation emerges as a potential solution to address this issue, allowing for faster threat detection and mitigation. However, many organizations (57%) currently have limited automation for crucial functions, heightening the risk of overlooking threats. Only 22% report having achieved full automation in their cybersecurity strategies.
“We are beyond just reacting to cyber threats. The C-suite must ensure teams prioritize proactive defense, real-time threat intelligence, and robust risk management to pave the way for genuine cyber resilience,” said Javier Dominguez, CISO, Commvault. “It’s also critical that SecOps and ITOps teams work closely together to look holistically at their security posture, end-to-end. With Commvault, resilience isn’t an afterthought – it’s the blueprint.”
Commvault’s IDC report sheds light on the critical challenges and vulnerabilities that organizations face in cyber resilience and underlines the necessity of proactive measures, alignment between teams, and automation to bolster defenses in the face of evolving cybersecurity threats.