A new report from EMC shows that businesses are tackling traditional cybersecurity issues better, but they are failing to address emerging threats.
On Tuesday, EMC Corporation released research results detailing that, while businesses are making strides against traditional data loss threats, they are failing to engage with the emerging threats. And, that failure to address growing challenges is costing them--big.
The report, titled the EMC Global Data Protection Index 2016, surveyed IT decision-makers at 2,200 organizations across 18 countries and was carried out by Vanson Bourne. Compared to the same report from 2014, 13% more businesses experienced either data loss or disruption in the past year, with each incident costing an average of $914,000.
While more businesses are experiencing breaches, the total number of breaches is down overall. In total, 36% of organizations represented by the survey had lost data as a result of a security breach over the past 12 months. However, that number drops to 23% when only looking at external breaches.
The report primarily focused on enterprise backup. As a result it found that, in addition to primary data, a business's backup and protection data are also at risk of a cyberattack. This could take the form of extortionists demanding cash to release stolen data, data affected by ransomware, or a host of other issues.
"There are forces at play now that aren't satisfied with just stealing your money, they want to destroy your entity," said Steve Duplessie, founder and senior analyst at Enterprise Strategy Group. "You can either start taking these threats seriously, or start looking for a hole to crawl into. Ignorance is no longer bliss."
SEE: Information security policy (Tech Pro Research)
The EMC-sponsored report also found some interesting behavior in regards to the many organizations' approach to the cloud. More than 80% of those surveyed said they will be running key business apps in the public cloud sometime in the next two years. Additionally, more than half are running email in the public cloud.
However, not even half of those same respondents said they protect that cloud data against corruption or deletion. That means that many IT leaders are relying on SaaS tools and applications, but they aren't doing all they can to secure the data used in those applications.
In the event of downtime or data loss, more than 70% of survey respondents were "not very confident they could fully recover their systems or data." When asked about the causes of data loss and system downtime, those surveyed responded:
- Hardware failure - 45%
- Power failure - 35%
- Software failure - 34%
- Data corruption - 24%
A lack of confidence seemed to be seeping into data center performance as well, as 73% said they weren't confident that their security solutions would be able to keep up with flash storage. For example, tools like encryption could potentially become a bottleneck if they weren't able to encrypt or decrypt quickly enough to keep pace with the additional speed and performance offered by flash and SSD storage.
"While many organizations are updating their primary storage environments, they aren't paying the same attention to their backup environments," an EMC spokesperson said. "As a result, data may not get backed up given the sheer volume and the complex data paths that come with flash environments, making it difficult to recover data during a downtime."
The 3 big takeaways for TechRepublic readers
- Enterprises are addressing traditional data loss threats, but emerging problems are costing them nearly $1 million an episode and are growing.
- While more than 80% of enterprises will be relying on public cloud for their applications, less than half of the respondents were protecting their cloud data.
- Security is also affecting data center performance, as 73% weren't confident their tools could keep pace with the faster speeds of flash storage.
- Developers will cheat on their cloud provider for better security, new survey says (TechRepublic)
- A hacker is advertising millions of stolen health records on the dark web (ZDNet)
- Election Tech: What happens when presidential candidates are hacked (TechRepublic)
- New exploits target hospital devices, places patients at risk (ZDNet)
- Chinese cybersecurity breaches drop 90%, but expert warns not to let guard down (TechRepublic)