Cyber attacks do not necessarily lead to a loss of data if they can be adequately defended or if data can be restored from backups and, if the findings of a poll released today are anything to go by, investment in that area of information security may be starting to pay off.

For the first time in the 12-year history of Databarracks' annual poll among IT, security, disaster recovery and business continuity practices, cyber attacks have decreased as a cause of data loss. The research concurrently reflects steadily increasing cyber budgets, with 40% reporting increased investment in the last 12 months (up from 33% last year). There is an increase in confidence, too, as 64% of respondents (up from 56% last year) claim they now have sufficient in-house cyber security skills to deal with the current threat landscape.

Peter Groucutt, managing director of Databarracks says that for as long as the company has been running the Data Health Check, cyber attacks have been growing as a cause of data loss, but now it looks like the tide is turning.

“Although we have seen a reduction in data loss caused by cyber attacks, it is still growing as a cause of downtime, increasing every year since 2016. A cyber attack does not necessitate a loss of data if it can be adequately defended or data restored from backups. Recovering from a cyber incident takes time and may require systems to be taken offline as a precaution. The research suggests many organisations have prioritised protecting their data and improving their in-house defences against common cyber threats.

“These improvements are the result of sustained investment and effort over several years.However, it needs to be emphasised that defending against these threats is an ongoing battle. We might have closed the gap in the arms-race with cyber criminals but if we don’t keep up our pace, we’ll soon fall behind.

“Since lockdown began, cyber criminals have been looking to take advantage of the disruption. Ransomware attacks on Honda, Blackbaud, the healthcare sector and more recently Garmin have highlighted how damaging it can be for an organisation to be affected by multiple concurrent crises when in an already weakened state.

“Staff are decentralised, working remotely, increasing the attack surface. That gives cyber criminals new opportunities to exploit.

“It is understandable that many organisations will be operating under budget constraints due to COVID-19, but IT has proven to be the critical business service in the pandemic. It’s vital that they continue to invest in mission-critical IT services, especially cyber security to avoid having to cope with a ‘crisis in a crisis’."

These findings are taken from Databarracks’ annual Data Health Check survey which has been running since 2008. The survey asks over 400 IT decision-makers in the UK questions on a series of mission-critical issues.

Share Story: