Keepit, a global provider of a comprehensive cloud backup and
recovery platform, today released a survey conducted by Foundry, as
well as a study based on in-depth interviews conducted by Keepit.
Both reveal critical gaps in disaster recovery strategies and
highlight the pressing need for enhanced data security
measures.
In an evolving technological landscape, enterprise IT leaders
are grappling with unprecedented challenges in data protection and
governance, driven by the rapid adoption of cloud applications and
generative AI.
The CISOs and CIOs interviewed by Keepit for the study: “The
great balancing act: Cybersecurity leaders tackle rising pressures”
spoke to the necessity of rising to the challenge by adopting a
mindset of continuous improvement. They are building collaborative
best practices, partnering to bring in needed expertise, and
investing in data-centric solutions optimized for security and
simplicity.
Data protection struggles amid cloud and AI expansion
Enterprise disaster recovery strategies, traditionally designed
for on-premises IT infrastructure, are lagging behind the surge in
cloud application usage and the integration of AI technologies.
Foundry's survey: “Can data protection keep pace with the shifting
landscape?” underscores this trend. The respondents of the survey
represent IT decision-makers from companies with over 1,000 global
employees. While 70% of respondents report that their financial
applications are covered by data protection strategies, a
significant portion of other key systems and custom applications
remain vulnerable.
Survey highlights
- Financial systems: 70% are covered by data protection
strategies.
- E-commerce and HR Management Systems: 50% are
covered.
- CRM and ERP systems: 48% and 42% respectively.
- Critical transaction-based systems, custom applications, and
collaboration and productivity tools: Are lagging behind with
only between a third and a quarter of systems covered.
“Anything related to finance is important, most people will
agree. And it’s an obvious place to start when you map your
critical systems and data. The survey shows that financial systems
are by far the most incorporated in data protection strategies, and
when you look at verticals, financial institutions are also a
little more mature than others,” says Kim Larsen, CISO at Keepit,
an industry professional with a background in advising public and
private sector organizations in cyber security and cyber
resilience.
Strategic gaps and vulnerabilities
The survey reveals that only half of the organizations have
incorporated cloud-stored SaaS data into their disaster recovery
plans. Another 40% plan to address this gap soon. A decision-maker
participating in a recent Keepit CISO roundtable remarked, "We
solved many of these challenges 10 to 15 years ago, but with the
move to cloud, it's like we're starting from scratch again."
The current state of data protection is also seen as a
significant barrier to expanding the use of generative AI
technologies.
Strategic gaps:
- Critical SaaS data applications: 50% of respondents have
included cloud-stored data for critical SaaS applications in their
disaster recovery plans, and 40% plan to do so.
- AI data protection: Nearly all organizations prioritize
AI data protection, with 52% already implementing tools for
chatbots and AI platforms and 43% considering them.
“Good data protection is essentially ‘data classification plus
good recovery capabilities’: If you understand your data, and can
recover uncorrupted versions of it fast, you have a solid
foundation to ensure business continuity, compliance and recovery.
But this is easier said than done: The complexity of implementing
new initiatives, such as governance over data used by large
language models (LLMs), and the need to balance conflicting IT
demands, pose additional challenges for any industry,” adds Kim
Larsen, CISO at Keepit.
Compliance and future-proofing
Compliance is a top concern for 73% of survey respondents
heading into 2024, with data governance (53%) and enterprise backup
and recovery (45%) also ranking high. Regulatory scrutiny is
increasing globally, with mandates from agencies like the SEC in
the US and the upcoming Digital Operational Resiliency Act (DORA)
in the EU.
Compliance challenges:
- Regulatory mandates: New cybersecurity resilience
requirements.
- Cybersecurity risks: Continued threats, notably
ransomware.
“Cyber strategy must be perfectly aligned with the business to
effectively support it. The more global an organization becomes,
the more difficult this is – to align access, and comply with
regulations. This is backed up in our study, where CISOs emphasized
the need for a unified risk management strategy that aligns with
regional regulatory requirements,” said Kim Larsen.
Organizational maturity and risk management
Keepit's interviews with over 30 CISOs and CIOs reveal the
importance of organizational maturity in handling data security.
The variability in CISOs' backgrounds and responsibilities was
cited as a reason for the slow implementation of data-focused
innovations.
Key findings:
- Cloud flexibility: 80% of organizations adopt a "cloud
smart" approach, introducing new security and compliance
challenges.
- Regulatory and expertise challenges: The rise of GenAI
and the need for specialized knowledge in AI and
cybersecurity.
“One thing stands out: Organizations have very different levels
of maturity. A lot of the governance activities are so obvious, you
would think everyone is doing them. But they aren’t. Classic
difficulties include managing multiple security vendors, leading to
gaps in protection. Another is circumstances – one CISO told us how
he had experienced five major cyber events in the previous year,
prompting a complete overhaul of their cyber response plan,” says
Kim Larsen, CISO at Keepit.
Strategies for success
CISOs and CIOs are adopting continuous improvement mindsets,
building collaborative best practices, and investing in
data-centric solutions. Establishing effective data governance
frameworks and engaging the board of directors are seen as crucial
steps forward.
Strategic recommendations:
- Align with business objectives: Frame cybersecurity in
the context of business goals.
- Translate technical concepts: Communicate in terms
stakeholders understand.
- Demonstrate ROI: Highlight cost savings, risk
reductions, and business benefits.
- Board engagement: Seek feedback and support from the
board for cybersecurity initiatives.
“The conclusion is that data protection remains a cornerstone of
organizational resilience in the face of growing technological
advancements. As CISOs and CIOs navigate these challenges, their
ability to enable and protect data-driven innovation will define
their success. Robust data security and backup strategies are
essential for balancing innovation and protection, ensuring that
organizations can thrive in the digital age. Effective
communication of cyber risks to stakeholders and demonstrating the
ROI of cybersecurity initiatives are critical,” ends Kim
Larsen.
About Foundry, and IDG, Inc. Company
Foundry has played a key role in every major milestone,
announcement, and development in modern technology since 1964. We
engage and activate the world’s most influential tech buyers and
early adopters via the award-winning journalism and trusted media
brands they’ve turned to for decades. Our integrated ecosystem of
owned and operated editorial sites, awards, events, and tech
communities is engineered to enable global audience activation
through innovative marketing campaigns. Backed by robust audience
insights and data from across our network, Foundry sets the
standard for delivering business results to help companies
grow.
With 38 offices in markets around the globe, Foundry is a wholly
owned subsidiary of International Data Group, Inc. (IDG), the
world’s leading tech media, data, research and marketing services
company.
To learn more about Foundry, visit foundryco.com.
About CSO:
CSO serves enterprise security decision-makers and users with
the critical information they need to stay ahead of evolving
threats and defend against criminal cyberattacks. With incisive
content that addresses all security disciplines, from risk
management to network defense to fraud and data loss prevention,
CSO offers unparalleled depth and insight to support key decisions
and investments for IT security professionals.
www.csoonline.com
About Keepit
Keepit provides a next-level SaaS data protection platform
purpose-built for the cloud. Securing data in a vendor-independent
cloud safeguards essential business applications, boosts cyber
resilience, and future-proofs data protection. Unique, separate,
and immutable data storage with no sub-processors ensures
compliance with local regulations and mitigates the impact of
ransomware while guaranteeing continuous data access, business
continuity, and fast and effective disaster recovery. Headquartered
in Copenhagen with offices and data centers worldwide, over 10,000
companies trust Keepit for its ease of use and effortless backup
and recovery of cloud data.
For more information visit www.keepit.com or follow Keepit on
Linkedin.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240723567792/en/
RedIron PR for Keepit Kari Ritacco kari@redironpr.com