About
Subscribe

Data resilience readiness

ITWeb, in partnership with Veeam, conducted a survey on just how prepared businesses in SA and Africa are to recover from a ransomware or cyber attack, as well as the resources they have at their disposal to help them recover.

A total of 208 valid responses were captured, with 64% of respondents being at executive or middle management level. While 32% of respondents came from the IT sector, 18% from government and 15% from financial services, the remaining 35% come from a wide range of major industry sectors.

Here are some of the key findings:

  1. The top three sources of information about cyber threats and attack techniques cited by respondents are: Insights shared by internal security and backup teams (65%); Third-party threat intelligence services (52%); and Security vendor briefings and reports (52%).
  2. The majority of respondent organisations (87%) conduct regular security assessments on their backup infrastructure to detect vulnerabilities and potential threats. Of those that don’t, 8% plan to start doing so.
  3. 77% of survey respondents use backup data as an additional layer of defence to scan for indicators of compromise, malware or other threats.
  4. The biggest cause of business downtime was cited as power outages (38%), followed by hardware failure (24%) and cyber-attacks (17%) .
  5. Assuming a worst-case scenario where all systems are affected, respondents were asked how long it would their organisation to restore full operations. Almost half (49%) said they could restore in under 24 hours, while a third (35%) said between one and three days.
  6. The majority of respondents (83%) were confident of their ability to recover from a ransomware attack.
  7. The top three actions taken by respondent organisations to protect against ransomware are: regular data backups (83%); employee training on phishing and malware (75%); and implementing endpoint protection such as anti-ransomware tools (71%).
  8. Respondents were asked what resources their organisation had in place for response and recovery in the event of a ransomware or cyber-extortion incident. 60% said they had an internal incident response team, 18% had an external incident response provider that was retained independently, 8% said they had no established resources and would seek assistance as and when needed, and 7% had an external incident response services provided through their cyber insurance policy.
  9. Half of respondents (48%) had a cyber insurance policy that includes incident response and negotiation support, 14% have this as an optional add on, 13% said incident response and negotiation weren’t included as part of their cyber insurance policy.

Share