Regionally, 57% of respondents in Australia, India, Japan, South Korea and Singapore cited a cyberattack had prevented access to their data within the past 12 months. Other findings include:

• 66% of respondents were “not very confident” that they could reliably recover in the event of a destructive cyberattack.
• 54% of organizations in the survey had invested more in cyber prevention than cyber recovery.
• 83% of respondents believed that the rise in remote-working had increased organizational exposure to data loss from a cyberattack. This was a 7% increase in sentiment over a similar survey sentiment in 2022 (referencing IT decision makers but not IT security decision makers).
• 95% of respondents cited the use of ransomware insurance policies, but noted that several conditions could limit coverage:
  • 59% cited that proof of best practices for cyber threat prevention was required
  • 43% indicated some scenarios would void the policy
  • 46% pointed to the fact that payments to some entities may be restricted by law
• 50% of respondents had engaged professional services to bolster resources, with 52% conducting regular cyber recovery testing and 42% having deployed a cyber vault with physical and logical separation from production data.
• 46% of respondents believed that generative AI will provide an advantage to their organization’s cyber security posture; 89% cited their sentiment that generative AI is likely to generate large volumes of new data and increase the value of certain data types, which will need to be considered when mapping out their future data protection strategies.
• 76% of IT decision-makers in the survey were not very confident that their organization can protect all the data across their public clouds.
• 39% of respondents cited challenges over data security in public, multi-cloud infrastructures, with more than 55% of respondents believing data protection and security are the most important capabilities for operational resilience.