Concern over cyber threats continues to grow and remain at the top of the list for causes of organisational disruption, with 64% of IT and IT security decision makers in Singapore reporting a cyberattack that prevented access to data within the past 12 months.
Based on a report from Dell Technologies, the monetary impact on organisations is considerable with costs more than doubling over our last report to $1.4 million on average globally.
The latest Global Data Protection Index surveyed 1,500 IT and IT security decision makers from a wide range of public and private industries in September and October 2023.
Respondents were from across the Americas; Europe, the Middle East and Africa; and the Asia-Pacific region including Japan and China.
“With massive data growth, unique data mobility needs, and increased experimentations with generative AI, organisations in Asia-Pacific and Japan must juggle multiple fronts to effectively protect their data,” said Lucas Salter, general manager of data protection solutions at Dell Technologies, APAC, Japan and Greater China.
“In times where cyber attacks grow in frequency and sophistication, customers need a holistic data protection strategy with an integrated portfolio of solutions to improve their cyber resilience,” said Salter.
This concern is well founded as 77% of organisations surveyed are worried that their existing data protection measures are unable to cope with ransomware threats, and 64% are not very confident that they could reliably recover in the event of a destructive cyberattack.
Yet, despite these perspectives, most organisations (57%) invest more in cyber prevention than cyber recovery. The balance between prevention and recovery needs to be carefully thought through considering the reality that successful attacks are on the rise.
Another reoccurring red flag is that 89% of organisations believe that the rise in remote workers, fuelled by the pandemic and still prevalent today, has increased their exposure to data loss from a cyberattack.
New insights were also uncovered regarding the use and effectiveness of insurance policies to help mitigate an organisation’s financial exposure. While 99% of organisations cited the use of ransomware insurance policies, they noted that several conditions could limit coverage.
For example, 76% responded that proof of best practices for cyberthreat prevention was required, 57% indicated some scenarios would void the policy and 47% pointed to the fact that payments to some entities may be restricted by law.
In the end, 94% of organisations had to pay to access their data. So, while insurance policies can be a valid component of a cyber security strategy, organisations must understand their limitations.
In response to these growing threats, organisations are not sitting still when it comes to fortifying their cyber resiliency.
Several trends indicate that organisations are becoming more proactive with 55% bringing in professional services to bolster resources, 51% conducting regular cyber recovery testing and 40% having deployed a cyber vault with physical and logical separation from production data.
For the first time, the GDPI probed into the impact of generative AI on both the cyber threat landscape and future data protection requirements, and 43% believe that generative AI will provide an advantage to their organisation’s cyber security posture.
However, 91% also agree that generative AI is likely to generate large volumes of new data and increase the value of certain data types, which will need to be considered when mapping out their future data protection strategies.
