Commvault, a cyber resilience and data protection solutions provider, aims to help organizations enhance their cybersecurity by identifying effective recovery strategies against cyberattacks.
Partnering with GigaOm, a research firm, Commvault released the 2024 Cyber Recovery Readiness Report, based on a global survey of 1,000 security and IT professionals from 11 countries. The survey uncovered five critical capabilities, termed resiliency markers, that significantly improve recovery speed and reduce breaches when implemented together. These markers are:
1. Security tools that enable early warning about risk, including insider risk.
2. A known-clean dark site or secondary system in place.
3. An isolated environment to store an immutable copy of the data.
4. Defined runbooks, roles, and processes for incident response.
5. Specific measures to show cyber recovery readiness and risk.
“As we drill down into these cyber capabilities, key practices are emerging as fundamentally critical to any cyber preparedness strategy, and testing for cyber recovery readiness is one of them,” said Tim Zonca, VP, Portfolio Marketing, Commvault.
Cyber recovery readiness
He emphasized the importance of comprehensive testing for cyber recovery readiness, noting that companies focusing solely on disaster recovery are at a disadvantage. Given the evolving cyber threat landscape, modern and frequent testing practices are essential to ensure robust recovery processes and prevent re-infection.
Key findings from the survey indicated that only 13% of respondents were classified as cyber mature, having deployed at least four resiliency markers. These organizations experienced notable benefits:
- Faster Recoveries: Cyber mature organizations recovered 41% faster than those with zero or one marker.
- Fewer Breaches: They also reported fewer breaches compared to less prepared companies.
- Higher Confidence: 54% of cyber mature organizations were completely confident in their recovery abilities, versus 33% of less prepared ones.
- Frequent Testing: 70% of cyber-mature organizations tested their recovery plans quarterly, compared to 43% of those with fewer markers.
Chris Ray, cybersecurity analyst at GigaOm, highlighted the importance of layered resiliency. He noted significant disparities in resilience between organizations deploying only a few markers versus those implementing all five. Ray stressed the urgent need for companies to adopt comprehensive resiliency strategies to stay ahead of cyber threats.