Organisations that have experienced cyber incidents in the past are investing more in resilience and recovery strategies to avoid future breaches. New findings from Commvault's 2024 Cyber Recovery Readiness Report reveal that these proactive investments can lead to quicker recovery and significant cost savings.
The global survey, conducted with GigaOm, surveyed 1,000 security and IT professionals across 11 countries. It compared the approaches of organisations that have been breached with those that have not. The results show a clear pattern – breached organisations tend to spend more on cybersecurity and are better prepared to recover from future attacks.
Increased investment in cybersecurity
According to the survey, organisations that have faced a cyberattack are now investing nearly 30% more on cybersecurity than their counterparts that have not been breached. This additional spending covers various aspects of cyber resilience, such as data protection, risk assessments, and regular testing of recovery plans.
One key finding is that organisations that have been breached are nearly 2.5 times more likely to focus on understanding their data risk profiles. This involves identifying the types of data they hold and assessing their level of risk, which helps them prioritise the right protective measures.
In addition to increased spending, these organisations place a strong emphasis on testing their readiness. The survey found that while 20% of non-breached companies don't test their recovery plans at all, only 2% of breached organisations neglect this step. Regular testing allows them to identify gaps in their cyber defences and improve their preparedness.
Faster recovery times for breached organisations
The impact of these proactive measures is clear. Organisations that have experienced a breach and invested in robust cyber recovery strategies recover much faster than those that have not. According to the survey, breached organisations are 32% more likely to recover within 48 hours, whereas some non-breached companies may take up to three weeks or more to get back on track.
“We've all heard the expression hindsight is 20/20, and that could not be more applicable when it comes to the findings of this survey,” said Brian Brockway, Chief Technology Officer at Commvault. “Our survey shows that the most resilient organisations are those that continuously test and refine their recovery strategies, learning from each incident to strengthen their defences. It's this proactive mindset, rather than reactive spending, that makes the difference.”
Reduced downtime following a breach not only saves on direct financial losses but also helps preserve customer trust and brand reputation, which are crucial in today's business environment.
A call for all organisations to improve resilience
While the survey highlights the benefits of increased spending and preparedness, it also serves as a reminder for organisations that have not been breached. Cyber threats continue to evolve, and it's essential for businesses to stay ahead of these risks. “The findings should be a call to action for all organisations, not just those that have been breached,” said Chris Ray, Cybersecurity Analyst at GigaOm. “Cyber threats are constantly evolving, and so too must the strategies to counter them. It's about adopting a holistic approach to cyber resilience that integrates people, processes, and technology, ensuring readiness at every level.”
The Commvault report further highlights five key capabilities, known as resilience markers, which help organisations recover faster from cyberattacks. When deployed together, these markers ensure better protection and quicker recovery, reducing the chances of future breaches. These findings underline the importance of a comprehensive and proactive approach to cybersecurity.
