Half of organisations have suffered a cyberattack or incident that prevented access to data in 2023

Dell Technologies 2023 Global Data Protection Index reveals increasing complexity of data protection and rising implications of IT downtime and security breaches.

  • 10 months ago Posted in

Globally, over half (54%) of organisations (UK: 48%) have suffered a cyberattack or incident that prevented access to data last year, according to the 2023 Dell Technologies Global Data Protection Index (GDPI) survey of 1,000 IT decision makers (ITDMs) and 500 IT security decision makers.

Respondents report that IT disruption is commonplace, with the vast majority (global: 90%, UK: 87%) saying their organisations experienced some form of IT disruption in 2023. Amongst UK respondents, hardware failure (51%) was the most cited cause of data loss and/or systems downtime within organisations. Over half (global: 55%, UK: 52%) of those who experienced a cyberattack event said attackers’ first point of entry was external - users clicking on spam or phishing emails and malicious links, compromised user credentials and hacked mobile devices.

Looking to the implications, respondents said that disruptions that include data loss cost on average USD $2.61 million in 2023, accounted for an average of 26 hours of unplanned downtime and resulted in an average of 2.45TB worth of data loss. Costs associated with cyberattacks and related incidents have also doubled, up from USD $0.66 million in 2022 to USD $1.41 million in 2023.

Generative AI and cybersecurity

Generative AI (GenAI) is emerging as a strategic tool for bolstering defences, with 52% (UK: 40%) of those surveyed saying that integrating GenAI will provide an advantage to their organisation’s cybersecurity posture. However, showing the dual nature of GenAI as both a defensive asset and source of complexity, 88% (UK: 87%) also agreed that the adoption of GenAI will generate large volumes of new data that will need to be protected and secure. The same percentage (88%) (UK: 78%) agreed that GenAI will amplify the value of specific data types, which will also require additional and higher measures of security.

This could be why UK respondents highlighted ability to protect multi-workload environments (61%) and ensuring cybersecurity across all multicloud environments (63%) as the capabilities most important to their organisation when enabling hybrid, multicloud operations. Similarly, UK respondents cited data security (49%), cost (45%) and complexity (44%) as the key issues faced by organisations maintaining data in public, multicloud environments.

Looking to ransomware attacks, responses suggest an over-confidence surrounding the consequences of a breach. 74% (UK: 54%) believe that if their organisations experience an attack, they would get all of their data back if they paid the ransom. In contrast, UK respondents are less hopeful, with just over half (54%) believing they would get all of their data back. Furthermore, globally, 66% (UK: 51%) believe that once they pay the ransom, they won’t be attacked again.

The majority (global: 93% UK: 81%) stated that their organisations have ransomware insurance policies but only 28% (UK: 40%) of those who experienced an attack said their organisations were fully reimbursed through the policy. Survey responses also suggest ransomware policies are heavily caveated. 57% (UK: 47%) said their organisation had to prove ‘best practice’ cyber threat prevention, 43% (UK: 41%) said their policy limited claim pay-outs and 40% (UK: 44%) said particular scenarios voided their policy.

Steve Young, UK SVP and MD at Dell Technologies, comments: "The doubling of costs associated with cyberattacks in the last year is shocking. It's also concerning that over half of those who experienced a cyberattack event said the attacker's first point of entry was external, such as users clicking on phishing emails and malicious links. Cybercrime continues to evolve in sophistication, and as the capabilities of GenAI expand, threat actors will uncover vulnerabilities faster and become increasingly convincing in their deception. GenAI is one way to leverage innovations to shore up defences, but it also creates new volumes of data that naturally become harder to protect and more easily targeted."

"Multicloud still appears to be the preferred strategy for organisations seeking to deploy or update applications, but the increasingly distributed nature of data is causing data protection concerns. This emphasises the importance of having a coherent multi-cloud strategy that enables consistent cyber resilience capabilities across public cloud ecosystems and private cloud and edge environments. Only by doing so can an organisation's defences remain as dynamic as the evolving threats it faces."

Rob Tomlin, Vice President, UK Channel, at Dell Technologies, comments: "Nearly half of UK organisations suffered a cyberattack or incident that prevented access to data last year, and many now recognise the significant new cybersecurity challenges posed by GenAI. It can be a powerful tool to strengthen organisations' cyber posture while simultaneously creating new attack vectors and increasing the risk of cyber attacks. This duality represents significant implications for the channel, with the partners that develop the right skills and resources to assist their customers in responding to these challenges ensuring themselves a substantial competitive advantage." 

Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...