Many businesses are scared they might be hit by a cyberattack at any moment

(Image credit: Cyberattack)

Most security and IT leaders worldwide believe that a cyberattack is imminent and that it’s likely (or highly likely) that their organizations will suffer some sort of data loss within the next 12 months. 

A report from Commvault, based on a survey of 500 IT and security leaders around the world found most respondents see on-prem workloads as more vulnerable than cloud workloads. On a scale of 1-5, most respondents gave on-prem vulnerability a 2.8, and physical workloads a 2.77, while cloud workloads got a 2.67.

Furthermore, data exfiltration attacks happen almost 50% more often than encryption attacks, suggesting that even ransomware operators are moving away from deploying the decryptors and focusing exclusively on stealing sensitive data. Still, phishing is the number one concern for most, as that’s how the majority of ransomware attacks start anyway. 

Limited automation

Also, the respondents are saying that without the help of automation, detecting attacks will soon become impossible. Relying on manual detection and reporting only is “very likely” to result in missed anomalies and successful attacks, the report claims. To address the issue, the respondents are turning to automation, but the majority (57%) have limited automation for key functions, increasing their chances of missing a threat before it happens. Only 22% are fully automated, it was added.   

Regardless of the environment, businesses must integrate multiple layers of defense to keep their endpoints safe, argues Phil Goodwin, Research Vice President, Infrastructure Systems, Platforms and Technologies Group, at IDC (who conducted the survey).

“With AI now a tool for both defense and offense, the urgency for comprehensive cyber resilience has never been more evident.” 

The C-Suite must prioritize proactive defense, real-time threat intelligence, and robust risk management, added Commvault’s CISO, Javier Dominguez. “It’s also critical that SecOps and ITOps teams work closely together to look holistically at their security posture, end-to-end. With Commvault, resilience isn't an afterthought – it's the blueprint.”

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.