A report from tech firm Commvault, which includes insights from organizations across six Southeast Asian countries including the Philippines, has revealed significant challenges in data recovery and cyber resilience amid growing threats and data sprawl.
The report, conducted by Tech Research Asia (TRA) and commissioned by Commvault, surveyed CIOs/CISOs, IT leaders, and decision makers from organizations across Southeast Asian countries, namely Indonesia, Malaysia, Philippines, Singapore, Thailand, and Vietnam.
71% organizations surveyed have experienced at least one cyberattack in the past year. Singapore, Thailand, and Vietnam experienced the majority of attacks on data environments, including production, secondary, and backups, while attacks on production data only is highest in Singapore, Malaysia, and Vietnam.
Of those who experienced a cyberattack, just 35% successfully recovered 100% of their data. When asked about the challenges, maintaining immutable data across multi-infrastructure environments was identified as the top hurdle for organizations when trying to secure their data estates.
The research found misaligned expectations of business leaders and IT teams when it comes to cyber recovery. For business leaders, speed of business resumption is paramount – with 24% stating an outage of one day or less is tolerable.
By the end of day five, 79% of business leaders expect the organization to have data access restored and be back in business. However, the IT teams reported the average time it took to recover from a breach is between four to five weeks.
“Businesses in Asean are overwhelmed with huge volumes of data, escalating threats, and the complexity of their own IT systems,” said Michel Borst, area vice president at Commvault.
“Additionally, they are dealing with diminished budgets and scarce IT and security teams. From our research, it is clear there are serious gaps in Asean organizations’ cyber resiliency maturity, their ability to recover all data, and the speed by which they can resume operations as the business requires.”
The research also highlights that a staggering 91% of companies struggle with managing ‘dark data’, which Gartner defines as the information assets organizations collect, process and store during regular business activities, but generally fail to use for other purposes, such as analytics. These statistics highlight a critical gap in the region’s ability to respond to and recover from cyber incidents.
Cyber resiliency clearly has a critical influence on maintaining business operations. However, the research revealed that only 7% of companies in the region believe they have a ‘proactive, mature cyber resiliency capability’.
When it comes to testing their incident response plans, 85% of companies stated they have a response plan in place if attacked. However, only 26% said they have a “clearly understood response and communication plan in place” while 22% stated their incident response capability is weak, “very unorganized,” and “(they) scramble to respond.”
Daniel Tan, Commvault’s head of solutions engineering for Asia, said, “Testing incident response and cyber readiness has historically been very challenging, but it is critical. The trouble is that traditional modes of testing can be cost-prohibitive and bring significant disruption to the operations. This, compounded with having to engage multiple vendors, creates a lack of visibility into, and gaps in, recovery capabilities, ultimately costing organizations more in terms of money and time to recover.”
Modern cleanrooms in the cloud can help address these testing challenges. “They are designed to not only provide companies with a way to orchestrate, on demand, recovery into a clean, isolated location in the cloud, but organizations can also use them to frequently and cost effectively test their cyber recovery strategies in advance – critical in an age of rapidly evolving cyber threats,” added Tan.
The research revealed that 92% of companies are using some form of data cleanrooms across the region, of which 28% ranked better data recovery post breach as the top benefit.
