C-suite still minimally involved in cybersecurity efforts


Senior executives and line-of-business leaders are in many cases minimally engaged in their company’s cyber preparedness initiatives, with only 33% of CEOs or managing directors and less than a quarter (21%) of other senior leaders being heavily involved.

According to research from IDC and Commvault, the majority (52%) of senior leaders have no involvement in their company’s cyber cases.

In this report, IDC surveyed more than 500 security and IT operations leaders worldwide to get a current view of how organisations are perceiving modern security threats and approaching cyber resilience.

In addition to a lack of executive engagement, there is also often confusion between ITOps and SecOps teams in terms of who is doing what when it comes to cyber preparedness. 

Only 30% of SecOps teams fully understand ITOps’ roles and responsibilities for cyber preparedness and response. Similarly, only 29% of ITOps teams fully understand what falls to SecOps.

According to IDC, business leaders need to play a key role in ensuring companies prioritise cyber preparedness. Additionally, organisations must ensure there is complete alignment between ITOps and SecOps teams as not doing so can make organisations more prone to successful attacks or lengthy recoveries.  

Three in every five respondents (61%) believe that data loss within the next 12 months is “likely” to “highly likely” to occur due to increasingly sophisticated attacks. Respondents considered on-premises workloads more vulnerable than cloud workloads.

On a scale of 1-5, with 5 being highly vulnerable, respondents rated on-premises data repositories a 2.8 and physical workloads a 2.77 — higher than that of cloud workloads (2.67).

The research also shows that data exfiltration attacks – when malware or a malicious actor carries out an unauthorised data transfer – occur almost 50% more often than encryption attacks, where hackers aim to decode encrypted data. 

Respondents ranked phishing as the most concerning threat to address, given that most ransomware attacks begin with a successful attack on user credentials.

Additionally, as cyberattackers deploy more clever tactics, relying on manual detection and reporting processes is very likely to result in missed anomalies and successful attacks. A potential solution – automation – could lead to faster detection to mitigate the intrusion impact.

However, most organisations (57%) have limited automation for key functions, increasing their chances of missing a threat before it happens; only 22% report being fully automated. 

Phil Goodwin, IDC’s research VP on infrastructure systems, platforms and technologies group, said it was crucial that organisations adopt a new approach that spans prevention, mitigation, and recovery.

“The C-suite must ensure teams are prioritising proactive defense, real-time threat intelligence, and robust risk management to pave the way for genuine cyber resilience,” said Javier Dominguez, CISO of Commvault. “It’s also critical that SecOps and ITOps teams work closely together to look holistically at their security posture, end-to-end.”