IT For CEOs & CFOs
News & Views
IT leaders struggle to recover full data after cyberbreach
​
Far too many firms are unable to make full data recovery according to the latest study into the state of data backup and the ability of organizations to recover in the event of a cyberattack by leading manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB drives, Apricorn.
Of those who needed to recover their data, 50% were able to do so successfully but 25% were only able to partially recover their data/documents. A further 8% were unsuccessful because they did not have robust backup processes in place, demonstrating the need for continued enhancement in storage and backup solutions to ensure complete recovery post-breach.
Notably, the survey also found that 9% of respondents acknowledged their current backup systems are not sufficiently robust to allow rapid recovery from any attack. Though this emphasizes the critical need for these organizations to make further improvements to safeguard their data and operations, it also attests to a greater sense of awareness of backup best practice. The fact that so many have been able to recover also underscores the progress that has been made in recovery strategies.
“While it is encouraging to see more organizations automating backup and adopting multiple backup locations, the fact that a percentage of organizations still struggle with complete data recovery is a stark reminder of the work that remains,” says Jon Fielding, Managing Director, Apricorn. “Robust backup systems are not just advisable; they are a necessity in today’s threat landscape. On a positive note, our research reveals that there is an upward trend in the adoption of comprehensive backup strategies, and we are seeing a significant increase in automated backups to both central and personal repositories, indicating that the message about the importance of multiple backup locations and the benefits of automated backups is resonating within the industry.”
According to the IT decision makers surveyed, the use of automated backup to both central and personal repositories has surged to 30%, up from 19% in 2023. Individually, automated backup to central repositories has risen to 27%, up from 14% in 2023, and automated backup to personal repositories is now at 16%.
“It’s encouraging to see that businesses are recognizing the need for secure backup strategies and automating backups will mitigate the risk of employees forgetting or executing the process incorrectly,” says Fielding. “However, it’s imperative that every business should have a comprehensive backup and recovery strategy that follows the ‘3-2-1 rule’. This means having at least three copies of data, stored on at least two different media, one of which should be offsite. One copy of the data should be offline, for example, on an encrypted removable hard drive that can be disconnected from the network.”
The improvements made in backup practices have clearly translated into tangible benefits as evidenced by the largely successful recovery efforts post-breach and the recognition of the need to have strong recovery strategies in place. The Apricorn study found that a striking 46% of respondents now consider robust backup policies as the most important factor for meeting cyber insurance compliance, a substantial increase from 28% in 2023. This shift reflects a growing awareness of the high stakes involved and the role of comprehensive backup solutions in mitigating risks and securing insurance coverage.