Report unlocks key strategies for cyber resilience enhancement

With cyber threats continuously evolving, businesses globally are focusing on strengthening their defences and ensuring swift recovery from attacks, according to Commvault, a provider of cyber resilience and data protection solutions.

Commvault, in collaboration with research firm GigaOm, has published the 2024 Cyber Recovery Readiness Report.

The report, based on a survey of 1,000 security and IT professionals from 11 countries, outlined key steps businesses can take to enhance their resilience against cyberattacks.

The analysis by Commvault and GigaOm identified five critical capabilities, termed resiliency markers, that improve a company’s recovery from cyberattacks.

Five resiliency markers to enhance cyber resilience

The survey highlighted the following five resiliency markers as crucial for enhancing cyber resilience:

• Early warning security tools: technologies that provide early alerts about risks, including insider threats.
• Verified-clean dark site or secondary system: a backup system confirmed to be free of cyber threats.
• Isolated environment for immutable data copies: a secure location to store unchangeable copies of essential data.
• Defined incident response runbooks, roles, and processes: well-structured plans for incident response.
• Cyber recovery readiness measures: specific strategies and tools to demonstrate preparedness for cyber incident recovery.

Differences between cyber-mature organisations and less-prepared organisations

The survey also revealed the differences between cyber-mature organisations – those adopting at least four of the five resiliency markers – and their less prepared counterparts:

• Faster recoveries: Cyber-mature organisations recovered 41% faster than those with zero or one resiliency marker.
• Fewer breaches: These organisations reported fewer breaches, indicating the effectiveness of the resiliency markers.
• Greater confidence in recovery: 54% of cyber-mature organisations were completely confident in their ability to recover from a breach, compared to 33% of less prepared companies.
• Frequent testing practices: 70% of cyber-mature organisations tested their recovery plans quarterly, while 43% of less prepared organisations did the same.

Layered approach to cyber preparedness

Chris Ray, cybersecurity analyst at GigaOm, emphasised the importance of a layered approach to cyber preparedness.

“One of the key findings from the research is that in order to truly advance cyber preparedness, organisations can’t cut corners. We saw significant disparities in resilience between organisations that deployed one or two of the resiliency markers versus four or five. It’s critical that organisations think about resiliency in layers. Less than 85% of respondents surveyed do that today. This needs to rapidly change if companies want to be resilient and have the upper hand against bad actors,” he said.

Tim Zonca, VP of portfolio marketing at Commvault, highlighted the necessity of modern testing practices.

“As we drill down into these cyber capabilities, key practices are emerging as fundamentally critical to any cyber preparedness strategy, and testing for cyber recovery readiness is one of them. Companies that just focus on testing for disaster recovery are missing the boat. Given the evolving nature of cyber threats, frequent and modern testing practices for cyber recovery are essential so environments are not re-infected and recovery processes are robust,” he said.

Commvault’s report was released as the New Zealand government is being called to lead the charge in cybersecurity enhancement.