As the fifth part in our series analyzing research from the 2024 Data Protection Trends report this week, we are covering what everyone in the IT industry is most concerned about: cyberattacks. Because of the high visibility and ever-present threat to organizations of all sizes, be sure to check out our other major research initiative in the 2023 Ransomware Trends Report published last June. You can expect the next release this coming spring but, in the meantime, the Data Protection Trends report always provides macro data on this important topic.
What Are the Most Common Causes of IT Outages?
For the past several years — as any data protection company might be interested in — the research asks unbiased IT leaders and implementers what were the myriad causes of outages that impacted their organizations for the preceding year, whereby they could list as many different outage causes as they had experienced. In addition, the survey asked which was the cause of the single most impactful outage of the last year. Unfortunately, cyber events were both the most common and most impactful cause of outages for the fourth year running.
It is important to note, while cyber security events were the most common and most impactful, they were not the only causes of outages experienced in 2023. Said another way, while ransomware may get all the headlines and hype, storage still breaks, data still corrupts, patches still go wrong, and all of the other large-scale calamities that IT has always prepared for (fire, flood, tornado, hurricane, etcetera) still occur. Thus, while it might be in vogue or trendy to position backup as a security solution, that would leave many organizations unprepared for the myriad other crises that still happened throughout the year. Simply put, while ransomware is a disaster, it is far from the only disaster that organizations need to guard against.
Ransomware is a ‘When’ Not an ‘If’
That said, while most organizations might assume a hurricane fire to be improbable, most organizations would be well served to plan for a ransomware attack as a near certainty in their future, as seen in the data below:
When organizations were asked “how many ransomware attacks have you suffered in the last year”, the results (for the third year being asked) continue to be unsettling:
- Only one in four (25%) of organizations believe that they did not suffer an attack in 2023. The word ‘believe’ is important in this context in that between organizations reluctance to disclose and the potential of the bad actor to have breached the environment but not yet be discovered, some of those 25% are candidly naive. But the best case is 25% unscathed
- Similarly, 26% acknowledge that they were hit quarterly IE four or more times during the same one year. Imagine having a quarterly business review where cyber breaches were a standing line item on the agenda
The remaining 50% of respondents stated that they were struck between one and three times throughout the year. For more commentary on the 2023 statistics check out this short video:
Please download the entire 2024 Data Protection Trends report. As always, if you have questions about the research, you can find Jason and Dave on X (@JBuff and @BackupDave), LinkedIn, or you can e-mail us at StrategicResearch@veeam.com.