In an era marked by relentless cyber threats, businesses worldwide are constantly seeking ways to bolster their defences and ensure swift recovery from attacks. Today, Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, in collaboration with research firm GigaOm, unveiled their 2024 Cyber Recovery Readiness Report. This comprehensive global survey of 1,000 security and IT professionals across 11 countries including Australia addresses a critical question: “What can businesses do to be more resilient in the face of cyberattacks?”
Through the data analysis, Commvault and GigaOm identified five key capabilities, termed ‘resiliency markers’, that significantly enhance a company’s ability to recover from cyberattacks. These markers, when implemented together, not only accelerate recovery times but also reduce the frequency of breaches.
The Five Resiliency Markers
The survey’s data analysis revealed the following five resiliency markers as essential for improving cyber resilience:
- Early Warning Security Tools: Tools that provide early warning about risks, including insider threats.
- Known-Clean Dark Site or Secondary System: A secondary system that is confirmed to be free of any cyber threats.
- Isolated Environment for Immutable Data Copies: A secure environment to store unchangeable copies of critical data.
- Defined Incident Response Runbooks, Roles, and Processes: Clear and structured plans for responding to incidents.
- Cyber Recovery Readiness Measures: Specific strategies and tools to demonstrate and ensure preparedness for recovery from cyber incidents.
Key Findings from the Survey
The survey highlighted significant insights, particularly the stark differences between cyber mature organisations—those that have adopted at least four of the five resiliency markers—and their less prepared counterparts.
- Faster Recoveries: Cyber mature organisations recovered 41% faster than those with zero or one resiliency marker.
- Fewer Breaches: These organisations reported fewer breaches, underscoring the effectiveness of the resiliency markers.
- Higher Confidence in Recovery: 54% of cyber mature organisations were completely confident in their ability to recover from a breach, compared to only 33% of less prepared companies.
- Frequent Testing Practices: 70% of cyber mature organisations tested their recovery plans quarterly, while only 43% of less prepared organisations did the same.
Expert Opinions
Chris Ray, Cybersecurity Analyst at GigaOm, emphasised the importance of a layered approach to cyber preparedness: “One of the key findings from the research is that in order to truly advance cyber preparedness, organisations can’t cut corners. We saw significant disparities in resilience between organisations that deployed one or two of the resiliency markers versus four or five. It’s critical that organisations think about resiliency in layers. Less than 85% of respondents surveyed do that today. This needs to rapidly change if companies want to be resilient and have the upper hand against bad actors.”
Tim Zonca, VP of Portfolio Marketing at Commvault, highlighted the necessity of modern testing practices: “As we drill down into these cyber capabilities, key practices are emerging as fundamentally critical to any cyber preparedness strategy, and testing for cyber recovery readiness is one of them. Companies that just focus on testing for disaster recovery are missing the boat. Given the evolving nature of cyber threats, frequent and modern testing practices for cyber recovery are essential so environments are not re-infected and recovery processes are robust.”
Conclusion
The 2024 Cyber Recovery Readiness Report by Commvault and GigaOm underscores the importance of a comprehensive, layered approach to cyber resilience. By adopting the five resiliency markers and prioritising frequent testing of recovery plans, organisations can significantly enhance their ability to withstand and quickly recover from cyberattacks. As cyber threats continue to evolve, these insights and strategies will be invaluable for businesses striving to protect their data and maintain operational continuity.