Commvault, in collaboration with research firm GigaOm, has released its 2024 Cyber Recovery Readiness Report. This eye-opening, global survey of 1,000 security and IT respondents across 11 countries directly addresses a fundamental question – “what can businesses do to be more resilient in the face of cyberattacks?”
Commvault and GigaOm were able to pinpoint five key capabilities, also called resiliency markers, that when deployed together, helped companies recover faster from cyberattacks and experience fewer breaches compared to companies that did not follow the same path.
These five resiliency markers emerged after data analysis teams combed through survey results across a range of topics including: how often companies were breached, what resilience technologies were (or were not) deployed, and how rapidly businesses were able to recover data and resume normal operations. The resiliency markers are as follows:
Security tools that enable early warning about risk, including insider risk.
A known-clean dark site or secondary system in place.
An isolated environment to store an immutable copy of the data.
Defined runbooks, roles, and processes for incident response.
Specific measures to show cyber recovery readiness and risk.
In assessing the results, only 13% of respondents were categorised as cyber mature. The survey yielded very interesting observations:
Faster recoveries: Cyber mature organisations, those that have deployed at least four of the five resiliency markers, recovered 41% faster than respondents with only zero or one marker.
Fewer breaches: Overall, cyber mature organisations report experiencing fewer breaches compared with companies that have less than four markers.
Better confidence about cyber readiness: 54% of cyber mature organisations were completely confident in their ability to recover from a breach, compared to only 33% of less prepared organisations.
Frequent testing makes a big difference: 70% of cyber mature organisations tested their recovery plans quarterly, compared to 43% of organisations with only zero or one maturity marker, that tested with this same frequency.