As part of our ongoing quest to better understand how small- and medium-sized organizations deal with evolving data resilience challenges, Arcserve commissioned a study of senior IT professionals directly involved with data backup and security.
How important is data to today’s businesses?
• 97 percent of survey respondents agree that their proprietary data is “moderately” or “extremely” critical to their company’s success.
Recognizing how vital data is to your business, the following survey highlights are informative and instructional regarding data loss and downtime risks, assessing your data resilience strategy, and closing potential gaps.
Executive Buy-In Matters
Far too many survey respondents—25 percent—say that their company’s leaders responsible for budget allocation don’t worry about adequately protecting the organization’s data. That’s a problem when 69 percent of the respondents say their organization’s business would come to a screeching halt if it lost access to its data.
The Cybersecurity and Infrastructure Security Agency’s publication, “Making a Business Case for Security,” offers resources and helpful advice for gaining executive buy-in.
Data Protection Investments Grow
While the 2023 Security Budget Benchmark report found that the average IT security budget increased by 6 percent year over year, our survey found that the vast majority—89 percent— of respondents’ organizations expect to increase their data protection budget in the future. That’s excellent news, especially when the same respondents say they already allocate a sizeable portion—22 percent—of their IT budget to data protection and recovery.
Fast Recovery Is Crucial
Forbes pegs the average cost of downtime for large organizations at $9,000 per minute. Consider the costs if your business can’t access its data and the consequences of failing to comply with regulatory requirements like GDPR, CCPA, and the Data Privacy Act.
Only 31 percent of our survey respondents are confident in their ability to recover lost data in 24 hours. Multiply that by $9000, and ouch! Only 34 percent of respondents say their organization can take more than 48 hours to recover its data and avoid significant business disruption. For two-thirds of respondents, taking more than 48 hours to recover data isn’t acceptable.
Data Recovery Drills Make a Difference
The good news is that most survey respondents—70 percent—say they perform weekly or monthly data recovery drills. However, over 20 percent of businesses don’t test their systems often enough. Regular backup and disaster recovery drills are essential for meeting your business’s recovery point and recovery time objectives (RPOs and RTOs).
Confidence is High, But Risks Remain
Most—86 percent—of survey respondents say their organization is either “very” or “extremely” confident in its ability to detect and respond to natural disasters. Unfortunately, that confidence may be unfounded, given that 47 percent of respondents say their organization has experienced significant revenue loss due to data loss incidents.
At Arcserve, we are ardent supporters of the 3-2-1-1 backup strategy. This approach is a crucial best practice for ensuring data resilience and disaster recovery. With 23 percent of respondents saying their organization hasn’t adopted the 3-2-1-1 strategy—and an additional 6 percent not sure—nearly one in three respondents are at risk of data loss and downtime. That means they may also be overconfident regarding their data resilience capabilities.
Ransomware Is Rampant
Between an increasing number of organized ransomware criminal groups, solo cybercriminals phishing for ransom, and the rise of ransomware as a service, the risks to your data are more significant than ever.
Our survey bears this out, with 80 percent of respondents saying they have been hit by ransomware. It gets worse: Nearly one in three—30 percent—of respondents couldn’t recover after a successful ransomware attack.
While 82 percent of survey respondents affected by ransomware claim they recovered within 48 hours, another 18 percent—nearly one in five—did not. This underscores the need for a robust data resilience infrastructure that consolidates your data protection, backup, and disaster recovery components into a unified data protection environment, implemented as part of a 3-2-1-1 backup strategy.
SaaS Applications Need Data Protection, Too
About 82 percent of respondents say their organization uses ten or more SaaS applications. These vital applications can be a blind spot because they are secured based on the shared responsibility model, where you are responsible for data protection and data recovery. Respondents say 30 percent of their SaaS applications aren’t monitored or secured. That means these organizations may be unaware of hackers moving about their environment—before it’s too late.
Non-Compliance Can Also Be Costly
Today, more and more companies must meet stringent regulatory requirements, from the EU’s NIS2 Directive to California’s CCPA. Failure to comply is expensive, and 43 percent of survey respondents’ companies faced fines due to inadequate data protection measures.
Employing a data resilience solution like Arcserve Unified Data Protection (UDP) with built-in compliance capabilities, such as access controls and versioning, is your best bet for ensuring compliance.
To learn more about Arcserve UDP, request a demo.
Read the complete Executive Summary of the “State of Data Resilience in the Enterprise” survey.
You May Also Like
- Backup and Disaster Recovery Business Continuity Cybersecurity
Tech Conversations - Beyond the Arc: Cyber Confidence for Business Leaders
December 2nd, 2024 - Backup and Disaster Recovery Business Continuity Cloud Compliance Cybersecurity Data Protection Data Resilience Ransomware
The Vital Role of Replication in Ensuring Data Resilience
November 20th, 2024 - Backup and Disaster Recovery Business Continuity Cloud Cybersecurity Data Protection Data Resilience Ransomware
Why Flexible Disaster Recovery Matters In a Hybrid World
November 12th, 2024