Enterprises are facing a wave of cyberattacks, with 90% of IT and security leaders reporting cyberattacks in the past year, according to a report from Rubrik Zero.
The report finds that hybrid environments are creating hazards, leading to a cloud security crisis that organisations are unprepared to address.
Findings are based on insights from 1,625 decision-makers at companies with at least 500 employees across 10 markets. These are Singapore, Australia, France, Germany, India, Italy, Japan, the Netherlands, the United Kingdom and the United States. Data covers the full year 2024.
“Many organisations that move to the cloud assume their providers will handle security,” said Joe Hladik, head of Rubrik Zero Labs.
Hladik said the persistence of ransomware attacks, coupled with the exploitation of hybrid cloud vulnerabilities, shows that threat actors are always one step ahead.
“Companies must take action and adopt an attacker’s mindset by identifying – and protecting – the most valuable data before it’s too late,” he said. “The need for a data-centric security strategy that prioritizes visibility, control, and quick recovery has never been more urgent.”
Findings show that cyberattacks are a constant threat as the frequency and impact accelerate.
Nearly one-fifth of organisations globally experienced more than 25 cyberattacks in 2024 alone, according to IT and security leaders. This means an average of at least one breach every other week.
The most common attack vectors cited were data breaches (30%), malware on devices (29%), cloud or SaaS breaches (28%), phishing (28%), and insider threats (28%).
Consequences of these attacks include 40% of respondents reporting increased security costs; 37% noting reputational damage and loss of customer confidence; and 33% experiencing a forced leadership change following a cyber incident.
Also, protecting sensitive data across multiple systems has become increasingly nuanced as the widespread adoption of AI has significantly exacerbated the challenge of data sprawl.
Nine out of 10 (90%) of IT and security leaders report managing hybrid cloud environments, and half of IT leaders say the majority of their workloads are now cloud-based.
As a result, 35% of respondents cite securing data across these varied ecosystems as their top challenge. This was followed by a lack of centralised management (30%), and a lack of visibility and control over cloud-based data (29%).
Meanwhile, 36% of sensitive files in the cloud are classified as high risk and are largely composed of Personally Identifiable Information (PII), such as Social Security numbers and phone numbers. This was followed by digital data and business data, such as intellectual property and source code.
Further, ransomware remains a persistent and evolving threat. Of the organisations that experienced a successful ransomware attack last year, 86% admitted they paid a ransom to recover their data.
Nearly three-quarters (74%) said threat actors were able to partially compromise backup and recovery systems, while 35% said their systems were completely compromised.
In addition, iIdentity threats are intensifying, fueled by the complexity of today’s hybrid environments.
With 92% of organisations using between two and five cloud and SaaS platforms, attackers are exploiting weak points in identity and access management to move laterally and escalate ransomware attacks.
Insider threats – often driven by compromised credentials – were cited by 28% of IT leaders, underscoring the growing difficulty of maintaining strong access controls across distributed systems.
Rubrik telemetry reveals that 27% of high-risk sensitive files contain digital data such as API keys, usernames, and account numbers – exactly the kind of information threat actors seek to hijack identities and infiltrate critical systems.
