CISOs struggling to protect sensitive data records
Almost all IT and security leaders (96%) globally are concerned their organization will be unable to maintain business continuity following a cyberattack, according to Rubrik.
Data security is becoming increasingly complex
Data security is becoming increasingly complex and the datasets that require securing are growing rapidly. Rubrik internal data revealed that on average, the growth of data secured in 2022 was 25% (on premises grew 19%, cloud grew 61%, and SaaS data secured grew 236% last year).
56% of organizations currently employ at least one zero trust initiative. However, only 56% of IT and security leaders developed or reviewed an incident response plan in 2022, and 54% tested backup and recovery options.
Data backup and recovery technology issues
99% of external organizations reported having data backup and recovery technology, with 93% encountering significant issues with their solution.
Nine out of ten external organizations reported malicious actors attempted to impact data backups during a cyberattack, and 73% were at least partially successful in these attempts.
72% of organizations reported paying a ransomware demand, and only 16% of all global organizations recovered all of their data via attacker decryption tools.
2023 cybersecurity budget
47% of IT and security leaders believe their 2023 cybersecurity budget is not enough of an investment, and 27% expect their IT and cybersecurity budgets to decrease in 2023.
IT and security leaders will need to work at bringing their teams together with only 4% stating there are no factors limiting the IT and security alignment requiring their attention this year.
“It’s clear organizations understand the gravity and impact of cyber incidents, but we also see a range of roadblocks from a lack of preparation, misalignment between IT and security teams, and over-reliance on insufficient backup and recovery solutions,” said Steven Stone, Head of Rubrik Zero Labs. “In the current era of cybersecurity, the best outcome is ensuring cyber resilience. Incidents are inevitable, so it’s critical to reduce the risk before a response is needed, and—at all costs—protect the crown jewel: the data.”