Most companies in Southeast Asia that have been attacked in the past year are struggling to manage “dark data” and identifies significant gap between business expectations and IT realities, according to a report from Commvault.
The report, conducted by Tech Research Asia (TRA) and commissioned by Commvault, surveyed CIOs/CISOs, IT leaders, and decision makers from 900 organisations across Indonesia, Malaysia, Philippines, Singapore, Thailand, and Vietnam.
Seven in every 10 (71%) organisations surveyed have experienced at least one cyberattack in the past year. Singapore, Thailand, and Vietnam experienced the majority of attacks on data environments, including production, secondary, and backups, while attacks on production data only is highest in Singapore, Malaysia, and Vietnam.
Of those who experienced a cyberattack, just 35% successfully recovered 100% of their data. When asked about the challenges, maintaining immutable data across multi-infrastructure environments was identified as the top hurdle for organisations when trying to secure their data estates.
The research found misaligned expectations of business leaders and IT teams when it comes to cyber recovery. For business leaders, speed of business resumption is paramount – with 24% stating an outage of one day or less is tolerable.
By the end of day five, 79% of business leaders expect the organisation to have data access restored and be back in business. However, the IT teams reported the average time it took to recover from a breach is between four to five weeks.
“Businesses in ASEAN are overwhelmed with huge volumes of data, escalating threats, and the complexity of their own IT systems,” said Michel Borst, area VP at Commvault.
“Additionally, they are dealing with diminished budgets and scarce IT and security teams,” said Borst. “From our research, it is clear there are serious gaps in ASEAN organisations’ cyber resiliency maturity, their ability to recover all data, and the speed by which they can resume operations as the business requires.”
Also, the research highlights that 91% of companies struggle with managing “dark data,’ which Gartner defines as the information assets organisations collect, process and store during regular business activities, but generally fail to use for other purposes, such as analytics.
These statistics highlight a critical gap in the region’s ability to respond to and recover from cyber incidents.
Further, the research revealed that only 7% of companies in the region believe they have a “proactive, mature cyber resiliency capability.”
When it comes to testing their incident response plans, 85% of companies stated they have a response plan in place if attacked.
However, only 26% said they have a “clearly understood response and communication plan in place” while 22% stated their incident response capability is weak, “very unorganised,” and “(they) scramble to respond.”
Daniel Tan, head of Commvault’s solutions engineering team in Asia, said that testing incident response and cyber readiness has historically been very challenging, but it is critical.
“The trouble is that traditional modes of testing can be cost-prohibitive and bring significant disruption to the operations,” said Tan. “This, compounded with having to engage multiple vendors, creates a lack of visibility into, and gaps in, recovery capabilities, ultimately costing organisations more in terms of money and time to recover.”
According to Commvault, modern cleanrooms in the cloud can help address these testing challenges.
“They are designed to not only provide companies with a way to orchestrate, on demand, recovery into a clean, isolated location in the cloud, but organisations can also use them to frequently and cost effectively test their cyber recovery strategies in advance – critical in an age of rapidly evolving cyber threats,” added Tan.
The research revealed that 92% of companies are using some form of data cleanrooms across the region, of which 28% ranked better data recovery post breach as the top benefit.
