The Global Cyber Resilience Report 2024 presents an in-depth analysis of the current state of cyber resilience across various industries worldwide. Based on a survey conducted by Cohesity and Censuswide, involving 3,139 IT and Security Operations (SecOps) decision-makers from eight countries, this report sheds light on the significant gaps between perceived and actual cyber resilience capabilities.
Survey Demographics and Scope
The survey, conducted in June 2024, covered both public and private organizations across several countries:
- United States: ~500 respondents
- United Kingdom: ~500 respondents
- Australia: ~500 respondents
- France: ~400 respondents
- Germany: ~400 respondents
- Japan: ~300 respondents
- Singapore: ~300 respondents
- Malaysia: ~200 respondents
Participants were evenly split between IT and SecOps professionals, providing a comprehensive overview of the current cyber resilience landscape.
Key Findings
1. Overestimation of Cyber Resilience
A striking revelation from the survey is the overestimation of cyber resilience capabilities among organizations. Only 2% of respondents indicated that they could recover their data and restore business processes within 24 hours of a cyberattack. This starkly contrasts with the confidence expressed by nearly 4 in 5 (78%) respondents in their organization’s cyber resilience strategy.
2. Ransom Payments: A Growing Concern
The willingness to pay ransoms has become alarmingly common. Approximately 75% of respondents indicated their organization would pay over $1 million to recover data and restore business operations, with 22% willing to pay over $3 million. In the past year, 69% of respondents admitted to paying a ransom, despite 77% having policies against such payments.
Slow Recovery Times
Recovery times reported by organizations reveal significant vulnerabilities:
- Only 2% could recover within 24 hours.
- 18% could recover within 1-3 days.
- 32% required 4-6 days.
- 31% needed 1-2 weeks.
- 16% would need 3+ weeks.
These recovery times fall short of the targeted optimum recovery time objectives (RTO), with 98% aiming for recovery within one day and 45% targeting within two hours.
4. Insufficient Data Privacy Compliance
Just over 2 in 5 (42%) respondents claimed their organization could identify sensitive data and comply with applicable data privacy laws. This indicates a significant gap in necessary IT and security capabilities.
5. Zero Trust Security Deficiencies
Despite the availability of effective security measures, many organizations have not adopted them:
- 48% have not deployed multifactor authentication (MFA).
- Only 52% have implemented MFA.
- Quorum controls or administrative rules requiring multiple approvals are used by 49%.
- Role-based access controls (RBAC) are deployed by 46%.
These deficiencies leave organizations vulnerable to both external and internal threats.
The Escalating Threat Landscape
The survey underscores the increasing threat of cyberattacks:
- In 2022, 74% of respondents felt the threat of ransomware was rising. By 2023, this figure rose to 93%, and in 2024, it reached 96%.
- Two-thirds (67%) of respondents reported being victims of ransomware in the past six months.
Industries Most Affected
The report identifies seven industries that have been hardest hit by cyberattacks:
- IT & Technology (40%)
- Banking & Wealth Management (27%)
- Financial Services (27%)
- Telecommunications & Media (24%)
- Government & Public Services (23%)
- Utilities (21%)
- Manufacturing (21%)
Areas of Critical Concern
1. Confidence-Capability Paradox
The disparity between confidence in cyber resilience strategies and the actual capability to execute these strategies effectively is evident. While many organizations have a cyber resilience plan, their ability to recover quickly from attacks lags significantly behind their goals.
2. Rampant Ransom Payments
The prevalence of ransom payments, often in contradiction to organizational policies, highlights a reactive rather than proactive approach to cyber resilience. The financial impact of paying ransoms extends beyond the immediate cost, affecting downtime, lost opportunities, and reputational damage.
3. Zero Trust Security Deficiencies
The failure to implement robust data access controls like MFA and RBAC poses a significant risk to organizations. Effective security measures are essential for protecting critical data and ensuring business continuity.
Recommendations for Improvement
To address these critical issues, the report suggests several actionable strategies:
- Engage in rigorous testing, drills, and simulations to ensure the effectiveness of backup and recovery processes.
- Sign up for ransomware resilience workshops to enhance cyber incident response capabilities.
- Automate testing of backup data to verify integrity and recoverability without manual intervention.
- Maintain detailed documentation and recovery playbooks to ensure all stakeholders understand their roles during an incident.
Conclusion
The Global Cyber Resilience Report 2024 that was commissioned by Cohesity highlights the urgent need for organizations to bridge the gap between their perceived and actual cyber resilience capabilities. By identifying and addressing these vulnerabilities, organizations can enhance their ability to recover from cyberattacks and protect critical data, ensuring a more secure and resilient future.
The comprehensive data and insights from this report serve as a crucial resource for IT and SecOp professionals aiming to strengthen their cyber resilience strategies and safeguard their organizations against the evolving threat landscape.