A recent study reveals that organizations that have experienced cyber incidents in the past are significantly increasing their investment in cyber resilience and recovery strategies. This trend emerges as a response to previous experiences and aims to strengthen defenses against future attacks.
Key findings from the study
The “Cyber Recovery Preparedness 2024” survey, conducted by Commvault in collaboration with GigaOm, sheds light on behavioral changes among organizations that have experienced security breaches and those that have not. The study, which involved 1,000 security and IT professionals in 11 countries, revealed significant data:
– Companies that have suffered attacks invest nearly 30% more in cybersecurity measures than those that have not been affected.
– There is a greater tendency to prioritize understanding data risk profiles among attacked organizations, being 2.5 times more likely to do so.
– There is an increase in the frequency of cyber preparedness testing among companies that have experienced breaches.
Impact of investments in cyber resilience
The study highlights that organizations that have invested in comprehensive cyber recovery plans after suffering an attack recover 41% faster than those less prepared. Specifically:
– Attacked companies are 32% more likely to recover within 48 hours compared to those that have not experienced leaks.
– This reduced downtime translates into significant savings, both in direct financial losses and in preserving customer trust and brand reputation.
The importance of proactivity
Brian Brockway, Chief Technology Officer of Commvault, emphasizes: “Our survey shows that the most resilient organizations are those that continuously test and refine their recovery strategies, learning from each incident to strengthen their defenses. It is this proactive mentality, rather than reactive spending, that makes the difference.”
Resilience markers
The report also identifies five key capabilities, called “resilience markers,” that, when implemented together, help companies to:
– Recover more quickly from cyber attacks.
– Experience fewer breaches compared to companies that do not follow this approach.
These markers were determined after a thorough analysis of survey data, considering factors such as the frequency of attacks, implemented resilience technologies, and the speed of data and operations recovery.
Chris Ray, GigaOm’s cybersecurity analyst, concludes: “The findings should be a call to action for all organizations, not just those that have suffered a breach. Cyber threats are constantly evolving, and so should the strategies to counteract them.”