Commvault Report: Key Strategies For Enhanced Cyber Resilience

In an age where cyber threats are ever-present, businesses globally are in a constant quest to strengthen their defences and ensure rapid recovery from attacks. Today, Commvault, a prominent provider of cyber resilience and data protection solutions for the hybrid cloud, in collaboration with research firm GigaOm, released their 2024 Cyber Recovery Readiness Report. This extensive global survey of 1,000 security and IT professionals across 11 countries tackles a vital question: “What steps can businesses take to be more resilient against cyberattacks?”

Through detailed data analysis, Commvault and GigaOm pinpointed five critical capabilities, referred to as resiliency markers, that significantly improve a company's ability to recover from cyberattacks. These markers, when deployed together, not only speed up recovery times but also decrease the occurrence of breaches.

The Five Resiliency Markers

The survey’s analysis highlighted the following five resiliency markers as crucial for enhancing cyber resilience:

1. Early Warning Security Tools: Technologies that provide early alerts about risks, including insider threats.
2. Verified-Clean Dark Site or Secondary System: A backup system confirmed to be free of cyber threats.
3. Isolated Environment for Immutable Data Copies: A secure location to store unchangeable copies of essential data.
4. Defined Incident Response Runbooks, Roles, and Processes: Well-structured plans for incident response.
5. Cyber Recovery Readiness Measures: Specific strategies and tools to demonstrate preparedness for cyber incident recovery.

Key Findings from the Survey

The survey uncovered notable insights, particularly the differences between cyber mature organizations—those that have adopted at least four of the five resiliency markers—and their less prepared counterparts.

• Faster Recoveries: Cyber mature organisations recovered 41% faster than those with zero or one resiliency marker.
• Fewer Breaches: These organisations reported fewer breaches, highlighting the effectiveness of the resiliency markers.
• Greater Confidence in Recovery: 54% of cyber mature organisations were completely confident in their ability to recover from a breach, compared to only 33% of less prepared companies.
• Frequent Testing Practices: 70% of cyber mature organisations tested their recovery plans quarterly, while only 43% of less prepared organisations did the same.

Expert Insights

Chris Ray, Cybersecurity Analyst at GigaOm, emphasized the importance of a layered approach to cyber preparedness: “One of the key findings from the research is that in order to truly advance cyber preparedness, organisations can’t cut corners. We saw significant disparities in resilience between organisations that deployed one or two of the resiliency markers versus four or five. It’s critical that organisations think about resiliency in layers. Less than 85% of respondents surveyed do that today. This needs to rapidly change if companies want to be resilient and have the upper hand against bad actors.”

Tim Zonca, VP of Portfolio Marketing at Commvault, highlighted the necessity of modern testing practices: “As we drill down into these cyber capabilities, key practices are emerging as fundamentally critical to any cyber preparedness strategy, and testing for cyber recovery readiness is one of them. Companies that just focus on testing for disaster recovery are missing the boat. Given the evolving nature of cyber threats, frequent and modern testing practices for cyber recovery are essential so environments are not re-infected and recovery processes are robust.”

Conclusion

The 2024 Cyber Recovery Readiness Report by Commvault and GigaOm underscores the importance of a comprehensive, layered approach to cyber resilience. By adopting the five resiliency markers and prioritizing frequent testing of recovery plans, organizations can significantly enhance their ability to withstand and quickly recover from cyberattacks. As cyber threats continue to evolve, these insights and strategies will be invaluable for businesses striving to protect their data and maintain operational continuity.

© Scoop Media