Apricorn has published findings from its annual survey conducted among IT security decision makers in the UK, into the state of data backup and the ability of organisations to recover in the event of a cyber attack.
Half of IT decision makers surveyed had to turn to backups to recover data, highlighting the urgency of implementing more effective data backup strategies to ensure rapid recovery. Of those who needed to recover their data, 50% were able to do so successfully but 25% were only able to partially recover their data/documents. A further 8% were unsuccessful because they did not have robust backup processes in place, demonstrating the need for continued enhancement in storage and backup solutions to ensure complete recovery post-breach.
Notably, the survey also found that 9% of respondents acknowledged their current backup systems are not sufficiently robust to allow rapid recovery from any attack. Though this emphasises the critical need for these organisations to make further improvements to safeguard their data and operations, it also attests to a greater sense of awareness of backup best practice. The fact that so many have been able to recover also underscores the progress that has been made in recovery strategies.
“While it is encouraging to see more organisations automating backup and adopting multiple backup locations, the fact that a percentage of organisations still struggle with complete data recovery is a stark reminder of the work that remains. Robust backup systems are not just advisable; they are a necessity in today’s threat landscape” said Jon Fielding, Managing Director of Apricorn.
Positively, there is an upward trend in the adoption of comprehensive backup strategies. The survey found a significant increase in automated backups to both central and personal repositories, indicating that the message about the importance of multiple backup locations and the benefits of automated backups is resonating within the industry.
The use of automated backup to both central and personal repositories has surged to 30%, up from 19% in 2023 according to IT decision makers surveyed. Individually, automated backup to central repositories has risen to 27%, up from 14% in 2023, and automated backup to personal repositories is now at 16%.
“It’s encouraging to see that businesses are recognising the need for secure backup strategies and automating backups will mitigate the risk of employees forgetting or executing the process incorrectly,” said Fielding. “However, it’s imperative that every business should have a comprehensive backup and recovery strategy that follows the ‘3-2-1 rule’. This means having at least three copies of data, stored on at least two different media, one of which should be offsite. One copy of the data should be offline, for example, on an encrypted removable hard drive that can be disconnected from the network.”
The improvements made in backup practices have clearly translated into tangible benefits as evidenced by the largely successful recovery efforts post-breach and the recognition of the need to have strong recovery strategies in place.
The survey also shows the increasing prioritisation of backup policies as a critical component of cybersecurity strategies. A striking 46% of respondents now consider robust backup policies as the most important factor for meeting cyber insurance compliance, a substantial increase from 28% in 2023. This shift reflects a growing awareness of the high stakes involved and the role of comprehensive backup solutions in mitigating risks and securing insurance coverage.