Dive Brief:
- Companies have largely overestimated their cyber resilience capabilities and are mostly unable to meet their own business recovery goals when confronted by ransomware or other malicious attacks, according to a survey commissioned by Cohesity.
- Nearly 7 in 10 IT and security leaders said their organization paid a ransom in the last year, despite widespread internal policies to not pay ransoms. Almost 4 in 5 respondents said their company had a policy to not pay extortions.
- Almost half of the companies surveyed said they need more than six days to recover their core business processes after an attack.
Dive Insight:
The report highlights a disconnect between what companies like to project as their ability to withstand a malicious attack and their actual capabilities while under duress.
The report is based on a survey, conducted by Censuswide, of more than 3,100 IT and security decision makers across eight countries between June 27 and July 18.
About 4 in 5 respondents said they were confident in their company’s resilience strategy. However, the study indicated the projected confidence was based more on lofty goals than on real-world performance.
The vast majority, 98% of respondents, said their companies had a targeted recovery time of one day in the event of a cyberattack or similar security incident. However, nearly one-third said they would need at least four to six days to recover and 31% said they would need one to two weeks.
The ability to recover from catastrophic IT and security incidents has taken on added significance in the wake of the February ransomware attack against Change Healthcare and the July IT outage impacting 8.5 million Microsoft Windows devices linked to a defective CrowdStrike software upgrade.