Zerto Survey Reveals the Need for Comprehensive Cybersecurity Strategies

More than ever, companies rely on data to perform day-to-day operations. Businesses can’t function at their best without it. That’s why it’s so important to adapt internal strategies as cyberthreats and challenges evolve, and existing threats grow more dangerous.

Zerto, a Hewlett Packard Enterprise company, conducted the 2022 Ransomware Strategy Survey to measure how companies view their cybersecurity posture. Are they invested in keeping malicious actors out, having the ability to recover their data in the event of a breach, or both?

Most companies correctly start by building a robust prevention strategy focused on stopping attacks. However, as attacks become more sophisticated and capable of breaching prevention security, prioritizing recovery must be a key part of a modern, multi-layered approach.

Ransomware can impact a business in many ways. The impact of cyberattacks is extensive as found in a recent IDC report, sponsored by Zerto. Most businesses have a high-level strategy to deal with cyberthreats, but how organizations prepare for them varies.

The 2022 Ransomware Strategy Survey found that only half of the companies surveyed focus on both recovery and prevention. This points to the fact that a holistic view is far from the norm. Interestingly, over a third of respondents (37%) do not have a strategy in place that focuses on recovery. They either have a sole focus on prevention or, alarmingly, have no formalized strategy in place yet (8.7%). This is dangerous because, as ransomware actors become more capable of impounding data, businesses will suffer wide-ranging consequences if they can’t get back up and running immediately on their own.

Ransomware can be fought with proper recovery strategies, but as the survey found, not all companies have a formalized recovery strategy in place. The upside is that many companies are reevaluating their data protection and cyber resilience strategies: 66.8% of respondents recognize that their strategy needs further examination.

Two-thirds of respondents indicated they aren’t comfortable with what they have in place—especially considering the current cyberthreat landscape. This may signal that prevention is not enough and that legacy data protection is failing. As companies reevaluate their strategies, those that haven’t yet put a focus on recovery will benefit by leaning in the direction of continuous data protection (CDP). CDP offers a continuous stream of recovery checkpoints that allows companies to rewind to a time within seconds prior to an attack.

In an era of relentless cyberthreats, strategies to combat attacks can’t remain idle, and they must be multidimensional. Cyberattackers have proven that they can breach fortified security structures, so companies need a plan in place for what to do once bad actors are in. If the goal is to keep business running and operating, companies need a recovery strategy. While it’s good to have multifaceted strategies in place, completely protecting the business also requires recovery capabilities.

To that point, it’s encouraging to see that organizations are reevaluating their ransomware strategies. For companies that have not put a focus on a recovery, this is a step in the right direction toward a more holistic ransomware strategy. But organizations need to recognize that they can’t rely on protection alone. That is a risk not worth taking.

Check out the full 2022 Ransomware Strategy Survey report to learn more about how companies view their security posture.

Otherwise, keep on enhancing your knowledge about ransomware resilience with our Ransomware Recovery Guide!