Cohesity issues 2024 Global Cyber Resilience Report
By SSN Staff
Updated 1:51 PM CDT, Thu August 15, 2024
SAN JOSE, Calif. — Cyber resilience research commissioned by Cohesity has revealed that organizations overestimate their cyber resilience capabilities and maturity, leading to significant business continuity disruptions and ransom payments.
The Cohesity Global Cyber Resilience Report 2024 polled over 3100 IT and Security decision-makers in eight countries, and Cohesity said the data confirms that the threat of cyberattacks - especially ransomware - continues to rise, with the majority of respondents falling victim to a ransomware attack in the last six months, and most having paid a ransom in the past year. Moreover, most respondents said the threat of cyberattacks to their organization's industry of operation has increased or will increase in 2024 compared to 2023.
According to respondents, companies’ cyber resilience strategies are holding up against a worsening cyber threat landscape, with close to 4 in 5 (78%) respondents saying they have confidence in their company’s cyber resilience strategy and its ability to ‘address today’s escalating cyber challenges and threats’. At the same time, over 2 in 3 (67%) respondents revealed they had been the ‘victim of a ransomware attack’ in 2024; 96% said the threat of cyberattacks to their industry would increase or had increased this year, with close to 3 in 5 (59%) saying it had or will increase by over 50% compared to 2023.
Organizations Are Paying Ransoms & Breaking ‘Do Not Pay’ Policies
However, despite the majority of respondents saying they were ‘mostly confident’ or had ‘complete confidence’ in their organization’s cyber resilience strategy, Cohesity revealed that only 6% of respondents said their company would not pay a ransom to recover data and restore business processes, or do so faster, with 83% saying they would. In fact, 3 in 4 (75%) respondents globally said their company would be willing to pay over US$1 million in ransoms to recover data and restore business processes and over 1 in 5 (22%) said their company would be willing to pay over US$5 million.
Nearly 7 in 10 (69%) respondents said their organization had paid a ransom in the year before being surveyed, despite 77% saying their company had a ‘do not pay’ policy. The more than 2100 respondents who had paid a ransom said the ransoms they paid in the past year totaled:
- 37% have paid ransom(s) between US$1 - US$249,999
- 23% have paid ransom(s) between US$250,000 - US$499,999
- 23% have paid ransom(s) between US$500,000 - US$999,999
- 12% have paid ransom(s) between US$1,000,000 - US$2,999,999
- 6% have paid ransom(s) between US$3,000,000 - US$9,999,999
- 0.33% (7 respondents) have paid ransom(s) between US$10,000,000 - US$25,000,000
“The reality for organizations is that destructive cyberattacks, like ransomware, are a ‘when’ not ‘if’ reality that threatens their business continuity. However, organizations can tackle this reality head-on by enhancing their cyber resilience - the ability to rapidly respond and recover from cyberattacks or traditional business continuity scenarios - by adopting modern data security, response, and recovery capabilities,” said Brian Spanswick, CISO and CIO, Cohesity. “Organizations may have the greatest confidence in their cyber resilience, both in their strategy and capabilities, but the reality is that the majority are paying ransoms or would pay a ransom, so organizations are overconfident or overestimate their cyber resilience.”
Companies’ Confidence in Cyber Resilience Doesn’t Match Recovery & Restoration Realities
Cohesity calls cyber resilience “the technology backbone for business continuity,” noting that it defines companies’ ability to recover their data and restore business processes when they suffer a cyberattack. However, cyber resilience remains a challenge that threatens business continuity, according to respondents:
- Only 2% of respondents said they could recover data & restore business processes within 24 hours
- 18% said their company could recover data and restore business processes within 1-3 days
- 32% said they could recover and restore in 4 to 6 days, while 31% would need 1-2 weeks
- Almost 1 in 6 (16%) need over three weeks to recover data and restore business processes
“Cyber resilience is critical because the incentive and motivation of attackers is so high, with attack surfaces incredibly vast, so a reliance on protective controls is unrealistic,” Spanswick continued. “Successful cyberattacks and data breaches severely disrupt business continuity; impacting revenue, reputation, and customer trust. This risk must be at the forefront of business leaders’ priorities, not just IT and Security leaders. Similarly, regulation and legislation should not be seen by companies as the ‘ceiling’, but instead the ‘floor,’ in both developing cyber resilience and adopting data security or recovery capabilities.”
You can find Cohesity’s full report online at www.cohesity.com.