
In a study, managers from the areas of security and IT operations commented on cyber resilience in their company. The majority expect an attack.
Commvault has released a new IDC report that it commissioned, entitled “The Cyber-Resilient Organization: Maximum Preparedness with Bullet-Proof Recovery Survey.”
In this report, IDC surveyed more than 500 security and IT operations executives worldwide to get an up-to-date overview of how organizations perceive modern security threats and how they are strengthening their cyber resilience. The key findings of this report fall into three areas: senior leadership commitment to cyber resilience initiatives, fears of data leaks and vulnerable workloads, and the need for automation.
Cyber resilience starts in the executive suite – or does it?
The study shows that in many cases, senior executives or directors are barely involved in their company's cyber resilience initiatives: only a third (33 percent) of CEOs or directors and less than a quarter (21 percent) of other senior executives are heavily involved. According to the study, the majority (52 percent) of senior executives are not involved in their company's cyber events.
In addition to the lack of commitment from managers, it is often unclear between ITOps and SecOps teams who is responsible for what in preparing cyber defenses. Only 30 percent of SecOps teams fully understand ITOps roles and responsibilities related to cyber attack preparedness and response. Only 29 percent of ITOps teams know which tasks fall within the scope of SecOps.
According to IDC, business leaders have a key role to play in ensuring organizations prioritize preparing for cyberattacks. Additionally, organizations must ensure that the ITOps and SecOps teams operate in complete coordination with one another. Otherwise, companies are more vulnerable to successful attacks and recovery processes take longer.
Big problem: data leaks – workloads vary in their vulnerability
61 percent of respondents believe data breaches are “likely” to “very likely” in the next 12 months due to increasingly sophisticated attacks. Study participants considered on-premises workloads to be more vulnerable than cloud workloads. On a scale of one to five, with five being high risk, respondents rated on-premises data storage at 2.8 and physical workloads at 2.77, higher than cloud workloads (2.67).
Data exfiltration is the preferred tactic; manual detection processes fall short
The study also shows that data exfiltration attacks – in which malware or a malicious actor performs an unauthorized data transfer – are nearly 50 percent more common than attacks in which hackers attempt to decode encrypted data. Respondents ranked phishing as the biggest threat to combat. This is because most ransomware attacks begin by successfully compromising user account login credentials.
As cyber attackers use increasingly sophisticated tactics, it is likely that anomalies and successful attacks will be missed if IT managers rely on manual detection and reporting procedures. A possible solution – automation – could detect attacks and risks more quickly in order to reduce the consequences of attacks. However, most companies (57 percent) only automate their key functions to a limited extent. This increases the likelihood that they will miss a threat before it occurs. Only 22 percent of those surveyed say they have fully automated their processes.
Cyber resilience by integrating different approaches
"Cyber attackers never rest and are constantly discovering new ways to exploit vulnerabilities. A truly effective cyber resilience strategy must go beyond mere backup and recovery. It is critical that organizations adopt a new approach that includes prevention and mitigation as well as recovery," said Phil Goodwin, research vice president, Infrastructure Systems, Platforms and Technologies Group, IDC. "Whether on-premises, in the cloud, or in a hybrid environment, security leaders must integrate multiple layers of defense. With AI now a tool for both defense and offense, the urgency of comprehensive cyber resilience has never been more evident."
"Reacting to cyber threats is a thing of the past. Leadership must ensure teams prioritize proactive defense, real-time risk analysis and robust risk management to pave the way for true cyber resilience," said Javier Dominguez, CISO, Commvault. "It's also critical that SecOps and ITOps teams work closely together to take a holistic, end-to-end view of their security posture. With Commvault, resilience isn't an afterthought - it's a blueprint."
Methodology
Commvault wanted to explore how organizations are approaching cyber resilience, common gaps in cyber response, and best practices learned and described by senior IT professionals. To make this possible, Commvault commissioned IDC to conduct an independent study to find answers to these important questions.
The survey methodology used by IDC was as comprehensive as possible and included all three primary survey approaches: a focus group with eight IT executives from large US companies (multinational corporations) with the titles CIO, CTO and CISO; individual in-depth interviews with other CIOs; and a global survey of 513 senior IT and security professionals.
More at Commvault.com
About Commvault
Commvault is the leading provider of backup and recovery. Commvault's converged data management solution redefines what backups mean to the advanced business with applications that protect, manage, and utilize their most valuable asset: their data. Software, solutions and services are available directly from Commvault and from a global network of proven partners. The company employs more than 2,300 highly qualified people worldwide, is traded on the NASDAQ (CVLT) and is headquartered in Tinton Falls, New Jersey, USA.