Nearly Half of Respondents in the Global Survey State Their Organization Has Been Hit by Ransomware in the Last Six Months
SAN JOSE, Calif. — June 6, 2022 — New research commissioned by Cohesity, a leader in next-gen data management, reveals that while most IT and security operations (SecOps) decision-makers believe they should jointly share the responsibility for their organization’s data security strategy, many of these teams are not collaborating as effectively as possible to address growing cyber threats. The survey also shows that of those respondents who believe collaboration is weak between IT and security, nearly half of respondents believe their organization is more exposed to cyber threats as a result — and the implications of that could have significant consequences for businesses.
The research is based on an April 2022 survey conducted by Censuswide, of more than 2,000 IT decision-makers and SecOps professionals (split nearly 50/50 between the two groups) from businesses in the United States, the United Kingdom, and Australia — all of whom have a role in the decision-making process for IT or security.
The survey was conducted as nearly three-quarters (74%) of respondents believe the threat of ransomware in their industry has increased over the last year, with nearly half of respondents (47%) saying their organization has been the victim of a ransomware attack in the last six months. The survey uncovered the following results globally:
“This research pinpoints there is often a lack of collaboration between IT and security teams that we’re seeing across many organizations today,” said Brian Spanswick, chief information security officer, Cohesity. “For too long, many security teams focused primarily on preventing cyber attacks, while IT teams have focused on data protection, including backup and recovery. A complete data security strategy must bring these two worlds together — but in many cases, they remain separate and this lack of collaboration creates significant business risks and can put companies at the mercy of bad actors.”
To further drive this point home, when respondents were asked how their company prioritized data backup and protection as part of their organization’s security posture or response to a cyber attack, 54% of IT decision-makers said it was a top priority and a crucial capability, while only 38% of SecOps respondents said the same.
“If SecOps teams are not thinking about backup and recovery, and lack next-gen data management capabilities as part of an overall security strategy, that’s a problem,” said Spanswick. “IT and SecOps teams need to collaborate before an attack takes place — looking holistically across the NIST Cyber Security Framework which includes five core capabilities: identify, protect, detect, respond, and recover. If they wait to collaborate until their data is hijacked, that’s too late and the results could be catastrophic for businesses.”
Eighty-three percent of all respondents (84% of IT decision-makers and 81% of SecOps respondents) somewhat or strongly agree that if security and IT collaborated more closely, their organization would be better prepared to recover from cyber threats including ransomware attacks. And, when respondents were asked what would give their organization greater confidence that they could recover business systems quickly in the event of a ransomware attack, 44% of all respondents (49% of IT decision-makers and 39% of SecOps respondents) said greater communication and collaboration between IT and security is key.
For more information:
‘Not strong’ refers to the proportion of respondents that did not select ‘strong’ or ‘very strong’ when asked: How strong or weak do you feel your organization’s security and IT teams collaborate to address growing cyber security threats, including ransomware attacks?
Cohesity radically simplifies data management. We make it easy to protect, manage, and derive value from data — across the data center, edge and cloud. We offer a full suite of services consolidated on one multicloud data platform: backup and recovery, disaster recovery, file and object services, dev/test, and data compliance, security, and analytics — reducing complexity and eliminating mass data fragmentation. Cohesity can be delivered as a service, self-managed, or provided by a Cohesity-powered partner.
© 2022 Cohesity, Inc. All rights reserved. Cohesity, the Cohesity logo, Helios, and other Cohesity marks are trademarks or registered trademarks of Cohesity, Inc. in the US and/or internationally. Other company and product names may be trademarks of the respective companies with which they are associated.