Rubrik Zero Labs is excited to share “The State of Data Security: The Human Impact of Cybercrime”. This in-depth global study commissioned by Rubrik and conducted by Wakefield Research gives businesses around the world a deeper look into the challenges that IT and security decision-makers face, the effects of those challenges, and subsequent solutions. This study engaged over 1,600 senior IT and cybersecurity leaders with more than half at the CIO and CISO level. 

This report is the first publication coming out of Rubrik Zero Labs, our new cybersecurity research team. Rubrik Zero Labs was created with the purpose of giving a voice to people on the front lines of cybersecurity and providing organizations with the latest threats to data security research. As part of Rubrik’s mission to secure the world’s data, Rubrik Zero Labs partners with IT and security leaders to analyze the global threat landscape, report on emerging data security issues, and help reduce the impact of cyber threats on your organization.

To that end, “The State of Data Security” report exposes the profound effects that years of rising threats and expanding threat vectors are having on organizations, people, and their confidence in their ability to protect their data. 

The report provides an important view into the realities IT and security teams face, including:

  • 98% of IT and cybersecurity leaders dealt with a cyberattack at their level in the last year with the average being 47 attacks a year.

  • 96% of these affected organizations dealt with some level of negative business impact as the result of an attack.

  • A third of organizations (36%) experienced a leadership change in the last year due to a cyberattack.

  • 96% of individuals reported significant emotional or psychological impact in the last year due to these events.

  • 92% of organizations are concerned they will be unable to maintain business continuity if they experience a cyberattack in the next year.

  • A third of individuals (33%) believe their board and/or executive leadership have little to no confidence in their organization’s ability to recover critical data and applications.

In the face of these realities, we also heard senior leaders highlight the growing differences between their best intentions and their ability to execute on those intentions.

  • Despite years of awareness around ransomware events and responses, 76% of IT and security leaders reported they are likely to consider paying the ransom, with 52% “extremely or very likely” to pay the ransom.

  • While there is near universal consensus on the value in aligning IT and security operations teams, almost a third of leaders (31%) said their own teams were somewhat to not at all aligned when it came to defending the larger organization.

  • While more than 89% of respondents believe public and private partnerships are important to solve cybersecurity challenges, only 44% were involved in any form of partnership

Despite years of awareness around ransomware events and responses, 76% of IT and security leaders reported they are likely to consider paying the ransom, with 52% “extremely or very likely” to pay the ransom.

When faced with these stark realities,  several core insights emerged to address these challenges.

  • Leaders should plan to address weekly intrusions. Since respondents reported dealing with an average of 47 attacks at the leadership level in the last year, organizations need to ensure their IT and cybersecurity leaders have the bandwidth to focus on an event almost every single week. It’s no longer a question of if there will be a breach. It’s how many and what can be done to improve breach over breach.

IT and security leaders will need capacity for both the breaches and for building a continual refinement process. 

  • Ask more of your data. Data is an organization’s most vulnerable asset and one of the best tools in its defense. Organizations can demonstrably improve their operational efficiency and decision-making through a better understanding of their data, where it lives, how it’s changing, and how important it is to protect.

These realities are increasing in complexity as organizations continue to push into hybrid environments and workforces become more remote-driven and fluid.

  • Share cyber risk and threat insights across teams. Organizatons are increasingly operating with tighter resources, expanding responsibilities, and a more active threat landscape. Improved collaboration, shared responsibility, and unified visibility will not only help teams respond to cyber incidents faster and more efficiently, but will also improve more routine functions. 

While the cybersecurity threat landscape can seem daunting and overwhelming, organizations are finding demonstrable ways to improve and conduct their best work. To learn about emerging data security issues and how to help combat global cyber threats, read the full report on Rubrik Zero Labs. You can also hear more about how to make your organization more resilient against cyberattacks at Rubrik’s Winter Release. Register here!

Report Methodology
*The global survey was commissioned by Rubrik and conducted by Wakefield Research among 1,625 IT and Security decision makers (Directors, VPs, CIOs and CISOs) at companies of 500 or more employees. The research was conducted in the US, UK, France, Germany, Italy, Netherlands, Japan, Australia, Singapore, and India, between July 18th and July 27th, 2022.