IDC report by Druva gives important insights organisations data resiliency


77 percent organisations consider data resiliency as a top priority, 85 percent have a cyber-recovery playbook, and yet only 14% are “extremely confident” in their existing data resiliency.

Some key insights from the report: 

  • Data resilience is a ‘top 3’ priority for 77 percent organisations 
  • 85% indicate they have a formal cyber-recovery playbook 
  • 92% said their data resiliency tools were “efficient” or “highly efficient,” yet 67% of those hit by ransomware were forced to pay the ransom

A recent IDC report commissioned by Druva foundthat 77% organisations take data resiliency seriously and consider it as a “top 3” organizational priority. Additionally, 85% of respondents indicated they have a formal cyber recovery playbook. 

Despite this high confidence in their resiliency toolsets, respondents to our survey expressed concerns about actually recovering data after ransomware attacks. Only 14 percent felt extremely confident about their existing data resiliency indicating that organisations are aware of the potential gaps in their data resiliency capabilities. When it comes to real world situations, IT leaders had five top level concerns after a ransomware attack, directly contradicting the idea that they’re prepared:

  • Inability to recover encrypted or deleted data without paying a ransom
  • Loss of data
  • Inability to recover in a timely manner
  • Inadequate data protection and recovery capabilities
  • Loss of productivity or revenue

The research from this study illustrates that IT Leaders think that they are ready for ransomware attacks when most are not. Too many organizations were forced to pay the ransom, lost data, or took excessively long to recover. Unfortunately, no one knows what they don’t know until it’s too late. Attacks come in unexpected ways, and cybercriminals have extensive experience in finding vulnerabilities. IT and business leaders need to make a frank, honest assessment regarding their data resilience and cyber-recovery capabilities.