The UK's fragmented data backup practices: risks and remedies

A recent study by AI-based data security firm Cohesity casts a worrying spotlight on UK organisations' backup practices: 31% aren't securing all their sensitive data. This oversight threatens business operations in the wake of cyberattacks, Cohesity warns.

Despite a growing comprehension of threat detection across the UK, data protection strategies still lack cohesion. A fragmented approach jeopardises organisational transparency:

1. Patchwork Practices: 38% of organisations don't apply uniform backup controls globally, complicating both responses and recovery efforts.
2. Inconsistency in Workload Backups: Almost 45% have inconsistent strategies for virtual machines, applications, and unstructured data.
3. Backup Rule Rigaour: A mere 45% adhere consistently to the '3-2-1' rule — three copies on two media types, with one stored off-site.
4. Immutability Lapses: Less than half ensure all organisational backup uses immutability, leaving data vulnerable to cyber threats.

The study stresses, through insights from Fraser Hutchison, VP of Northern Europe at Cohesity, that while preventative measures against phishing and social tactics are in place, disaster readiness remains essential. This includes utilising immutable platforms to shield critical data and maintain operations amidst breaches.

Beyond backup challenges, the adoption of GenAI technologies further complicates the security landscape:

• GenAI technologies see rapid adoption, yet 33% of businesses find it surpasses their risk tolerance.
• AI's potential in enhancing security is evident with 54% finding it effective for anomaly detection and 53% for behaviour monitoring.
• AI is shaping response strategies, assisting in accelerated threat hunting and investigations.
• Despite advancements, only 34% predict AI will centrally define data security operations by next year.

Hutchison notes the dual nature of AI — posing risks yet offering a beacon for enhancing security frameworks. As organisations brace for an AI-integrated future, the opportunity to bolster security operations presents itself timely.