- 93% of British companies have faced a critical incident (86% worldwide)
- They do not test the recovery plans quite frequently, however
- Some bring together stocks of critical systems
New research has warned that British companies may be more likely to deal with dangerous cyber-incidents, 93% having experienced a critical incident against 86% worldwide.
The data comes from a Commvault study in the months following the impactful attack against the British retail giant M&S and reveals a recent increase in incidents, 57% having taken place in the last 18 months.
However, despite the more at risk of British companies, 21% are less likely to have dedicated recovery environments than their global counterparts and 11% are less likely to have tested recovery plans in the last month.
British companies obtain more cyber attacks than the world average
Commvault noted that even if British companies are more likely to undergo “frequent devastating incidents”, they are delaying with regard to their preparation for recovery, and this is due to three key failures: the complexity of existing systems and applications (52%), the fight to maintain the recovery plans online with their changing needs (47%) and the difficulties separating Central of less commercial operations (30%).
“Having a recovery plan tested in place and a recovery environment dedicated to the cloud can make all the difference between chaos and continuous affairs,” said Vice-President SVP EMEA of Commvault Richard Gadd.
However, tables and turns and businesses are starting to launch the foundations for change. The report details how two out of three (65%) have an inventory of critical systems and dependencies, which is greater than the global average (50%).
For the future, companies can strengthen their cybersecurity postures by adopting the principles of zero trust and default refusal to prevent many threats to the deployment of continuous monitoring systems.
British companies being less likely to have carried out a recovery test in the last month, it is clear for other tests, including recovery and penetration tests to highlight the weak points before an attack takes place.
