THE Global Cyber Resilience Report 2024 presents an in-depth analysis of the current state of cyber resilience across various industries around the world. Based on a survey of 3,139 IT and security (SecOps) decision makers across eight countries conducted by Cohesity and Censuswide, this report highlights significant gaps between perceived and actual cyber resilience capabilities.
Demographic survey and scope
The survey, conducted in June 2024, covered public and private organizations in several countries:
- United States: approximately 500 respondents
- UK: approximately 500 respondents
- Australia: approximately 500 respondents
- France: ~400 respondents
- Germany: around 400 respondents
- Japan: about 300 respondents
- Singapore: about 300 respondents
- Malaysia: about 200 respondents
Attendees were evenly split between IT and SecOps professionals, providing a comprehensive overview of the current cyber resilience landscape.
Main conclusions
1. Overestimation of cyber resilience
The survey reveals a striking revelation: the overestimation of organizations’ cyber resilience capabilities. Only 2% of respondents indicated that they could recover their data and restore their operational processes within 24 hours of a cyber attack. This figure contrasts sharply with the confidence expressed by nearly 4 in 5 respondents (78%) in their organization’s cyber resilience strategy.
2. Ransom payments: a growing concern
The willingness to pay ransoms has become extremely common. About 75% of respondents indicated that their organization would be willing to pay more than $1 million to recover data and restore operations, and 22% were willing to pay more than $3 million. In the past year, 69% of respondents admitted to paying a ransom, although 77% of them had a policy prohibiting such payments.
Slow recovery times
Recovery times reported by organizations reveal significant vulnerabilities:
- Only 2% were able to recover within 24 hours.
- 18% could recover in 1-3 days.
- 32% required 4 to 6 days.
- 31% needed 1 to 2 weeks.
- 16% would need 3 weeks or more.
These recovery times are below the targeted optimal recovery time (RTO) objectives, with 98% aiming for recovery within one day and 45% aiming for recovery within two hours.
4. Insufficient compliance with data protection
Just over 2 in 5 respondents (42%) said their organization was able to identify sensitive data and comply with applicable data privacy laws. This indicates a significant gap in necessary IT and security capabilities.
5. Zero Trust Security Deficiencies
Despite the availability of effective security measures, many organizations have not adopted them:
- 48% have not deployed multi-factor authentication (MFA).
- Only 52% have implemented multi-factor authentication.
- Quorum controls or administrative rules requiring multiple approvals are used by 49%.
- Role-based access controls (RBAC) are deployed at 46%.
These deficiencies make organizations vulnerable to external and internal threats.
The landscape of growing threats
The survey highlights the growing threat of cyber attacks:
- In 2022, 74% of respondents believed the threat of ransomware was increasing. In 2023, this figure increased to 93%, and in 2024, it reached 96%.
- Two-thirds (67%) of respondents said they had been a victim of ransomware in the past six months.
The most affected sectors
The report identifies seven sectors of activity most affected by cyberattacks:
- Computer science and technology (40%)
- Banking and wealth management (27%)
- Financial services (27%)
- Telecommunications and media (24%)
- Government and public services (23%)
- Public services (21%)
- Manufacturing industry (21%)
Areas of critical concern
1. The paradox of self-confidence and abilities
The gap between confidence in cyber resilience strategies and the actual ability to implement those strategies effectively is evident. While many organizations have a cyber resilience plan in place, their ability to recover quickly from attacks falls far short of their goals.
2. Excessive ransom payments
The prevalence of ransom payments, often at odds with organizations’ policies, highlights a reactive rather than proactive approach to cyber resilience. The financial impact of ransom payments extends beyond the immediate cost, affecting downtime, lost opportunities, and reputational damage.
3. Zero Trust Security Deficiencies
Failure to implement robust data access controls such as multi-factor authentication and role-based access control (RBAC) poses a significant risk to organizations. Effective security measures are essential to protect critical data and ensure business continuity.
Recommendations for improvement
To address these critical issues, the report suggests several concrete strategies:
- Participate in rigorous testing, exercises, and simulations to ensure the effectiveness of backup and recovery processes.
- Sign up for ransomware resilience workshops to improve your cyber incident response capabilities.
- Automate Backup Data Testing to verify integrity and recoverability without manual intervention.
- Maintain detailed documentation and recovery manuals to ensure all stakeholders understand their role during an incident.
Conclusion
Global Cyber Resilience Report 2024 which was ordered by Cohesion highlights the urgency for organizations to close the gap between their perceived and actual cyber resilience capabilities. By identifying and addressing these vulnerabilities, organizations can improve their ability to recover from cyberattacks and protect critical data, ensuring a more secure and resilient future.
The comprehensive data and information in this report is an essential resource for IT and SecOp professionals looking to strengthen their cyber resilience strategies and protect their organizations against the evolving threat landscape.