data loss disaster recovery statistics

In 2022, it is essential for business of all sizes to be prepared for the worst. Hacking is at an all time high. The threat of ransomware attacks, trojans, and other exploits must be taken very seriously.

If you are business owner or manager, we hope the data loss statistics listed below will serve as reminder of why it is important to have strong cybersecurity and data recovery systems in place.

1. Just 45% of businesses consider their security budget adequate

The Ponemon Institute’s 2020 report, Cybersecurity in the Remote Work Era, found that only 45% of businesses believe they have the funds required to adequately prepare for cyberattacks brought on by the switch to remote working. Further, just 39% believe that their staff has the expertise needed to properly defend against attackers.

Of course, some businesses are more prepared than others. The 2021 SMB Cybersecurity Report from Connectwise found that more than half (51 percent) of small and medium-sized businesses don’t have an incident response plan in place for responding to data breaches and cyber attacks. On the plus side, 77% reported planning to increase spending on cybersecurity in the next 12 months.

2. 2 of 3 midsize businesses suffered Ransomware attack in past 18 months

According to the latest 2022 MSP Threat Report by ConnectWise, two out of three midsize businesses have suffered a ransomware attack in the last 18 months. This reveals the almost epidemic level that ransomware attacks have reached in the wild. What’s more, the study reveals that the size, severity, and cost of those attacks is increasing year on year.

With this in mind, high-quality backup systems that allow a business to regain access to their data and to get their systems up and running again is essential to avoid delays and a potential hit to share prices or profits.

3. 33% of folders are not protected in any way

According to the 2021 Global Data Risk Report by Varonis, on average, 33 percent of all folders used by a company are open to everyone. Don’t think that’s a problem? Put it this way: 64% of your employees have access to 1,000 or more sensitive files. In other words, there’s a solid chance that your intern can accidentally create, update, and delete vital documents without you knowing.

This is a sharp increase from the 2019 report, which found just 22% of files accessible by anyone.

Varonis data loss statistics.
Source: Varonis

Attackers look for unsecured folders such as these. Files that are open to anyone can provide easy access to sensitive information, putting organizations at risk.

4. 28% of data breaches involve malware

Causes for data loss range from human error to physical theft. However, according to Verizon’s 2021 Data Breach Investigations Report, malware was involved in some 15 percent of data breaches, down from 17 percent the year prior (note that in the graphic below, malware attacks are included in the “System intrusion category”).

Verizon’s Data Breach Incident Report
Source: Verizon’s Data Breach Incident Report

The number of mobile malware infections may have decreased year on year but needless to say, it’s important to use quality, up-to-date antivirus software to help prevent data loss caused by malware.

5. 82% of breaches involve human error

According to the 2022 Verizon Data Breach Incident Report, 82% of breaches are caused by attack vectors that involve human error. This includes, social engineering attacks, phishing, spear phishing, errors, and misuse/transgressions.

This is a reminder of how important it is to engage in training and monitoring to ensure that employees in need of further education regarding cyber-threats are singled out.

It is also a reminder of the importance of hierarchical systems with access privileges. This ensures that employees only have access to the parts of the network they require, and that important data and systems are properly segregated so that attacks cannot easily move laterally through the company network.

6. 85% rise in dark web data dumps

According to the Palo Alto 2022 Unit 42 ransomware threat report businesses saw an 85% rise in incidents that involved employees having their names and personal data dumped publicly on the dark web. The security company explains that these data leaks are used to coerce victimized companies into paying up.

Along with the added pressure that hackers are putting on victims, Palo Alto noted a 144% increase in the average ransom demanded. This reveals that while attacks are are on the rise, the cost of those attacks is also increasing – making ransomware a serious problem for the massive number of companies being targeted.

7. An incident response team can drastically reduce the cost of a data breach

The Ponemon Institute’s Cost of a Data Breach Report 2021 puts the average cost of a data breach at $4.24 million, with healthcare being the most costly industry ($9.23 million). The average time taken to identify and contain a data breach is a whopping 287 days.

As expected, the shorter the lifecycle of the breach, the better. A breach lasting under 200 days costs 30% less than one with a lifecycle longer than 200 days.

Cost Data Breach Report 2021
Source: IBM

8. Hard drive failure rates remain (relatively) stable

As many of us have found to our cost, hard drives can and do fail. According to Backblaze, the average failure rate for hard drives in 2021 was 1.01%, a slight increase from 2020’s overall average of 0.93%.

You can protect yourself from losing data in such an event by having a reliable data backup solution. For many, this may entail having a backup hard drive in a physical off-site location or storing files on the cloud.

See also: Best data recovery software

9. Ransomware attacks cause an average of 16.2 days of downtime

Ransomware makes files on the target system unreadable without a decryption key (held by the attacker). Typically, ransomware works by encrypting select files, then forcing the victim to pay up in order to decrypt them.

A 2021 Coveware study reported that the average downtime for businesses as a result of a ransomware attack was 20 days in Q4 2021. This was down 10% from Q3 2021 — a small but nonetheless welcome improvement.

Ransom payments by quarter

Aside from suffering the costs of downtime, companies are having to fork over larger ransoms than ever before. After a period of stabilization in Q3 2021, the average price spiked again in Q4. The average ransomware payment more than doubled to $322,168 during this period.

10. 97% of data is recovered after a ransomware attack

It’s true that when you pay the fee demanded by ransomware, there’s no guarantee that you’ll receive a working decryption key. And even if you do get a key, you still may not recover all of your data. In fact, Sophos’ 2021 State of Ransomware Report found that, even after paying, only around 8 percent of victims recover all of their data. The average ransomware victim loses around 35 percent of their data.

Sophos State Ransomware 2021 Report
Source: Sophos State of Ransomware 2021 Report

Note that even if you manage to decrypt all of your files, there’s nothing to stop the criminal from maintaining copies. Information could be stored and used in subsequent crimes, for example, in fraud or spear-phishing attempts.

11. The average cost of downtime is $1,410 per minute

According to Veeam’s 2022 Data Protection Report, the average cost of downtime is $88,000 per hour or $1,467 per minute. Naturally, this figure is skewed by larger organizations reporting higher sums, but small and medium business are still significantly impacted.

12. Iran-nexus adversaries a growing threat to US and Israeli businesses

According to the 2022 CrowdStrike report, hackers working in Iran stepped up their operations targeting businesses in the US, Israel, the Middle East and North Africa.

According to the report, these attacks often involved the use of Ransomware with a “lock-and leak” attack method that uses data leaks as a way to coerce victims into paying.

Those methods involve the use of hacktivists and criminal hacking groups to create a veneer of deniability for state sponsored activities; often leveraging dedicated leak sites, social media, and messenger platforms to leak data via “actor-controlled personas or entities”.

13. 93% of small businesses store data or backups in the cloud

According to promising results from a Unitrends’ 2019 survey, 84 percent of all businesses store data or backups in the cloud, with a further eight percent planning to do so within the next year.

Small enterprises have a higher adoption rate of cloud technology, with 93 percent of companies using it. This is compared to 82 percent of mid-sized businesses and 81 percent of large businesses.

A follow-up report from 2021 found that the number of organizations that rely solely on cloud-based solutions is expected to rise 70% by 2023. Not a huge surprise given cloud backups offer a number of advantages including ease of access and affordability.

The caveat? According to the 2022 CrowdStrike Global Threat Report, state sponsored actors began “regularly targeting cloud service providers
to exploit trusted relationships and supply chain partnerships.”

14. 96% of businesses experienced an outage in a 3-year period

A 2019 LogicMonitor study reported that the huge majority (96 percent) of organizations have experienced at least one outage in the past three years and 95 percent had experienced at least one brownout.

LogicMonitor results.
Source: LogicMonitor

A large portion of companies (55 percent) experienced five or more outages during that period. The same report reveals that IT decision-makers believe that 51 percent of outages and 53 percent of brownouts are avoidable.

Of course, outages and brownouts have related costs, including lost revenue, compliance failure, and lost productivity. LogicMontor found that companies experiencing frequent outages or brownouts had 16 times higher costs than organizations that experience fewer such instances.

Tips for an effective disaster recovery plan

There are a number of things that your business can do in order to prevent and prepare for a disaster, whether natural or man-made.

Here’s how to make a disaster recovery plan:

  • Back up data and send it to physical off-site locations. You may also wish to use cloud storage. Either way, backups should be made on a regular basis to ensure minimal disruption should you lose data in a disaster.
  • Test your disaster recovery plan. Carrying out practice drills can help determine the overall effectiveness of the plan. This way, you can modify the plan if you find anything that doesn’t work in practice.
  • Establish a disaster recovery team. The team should receive regular training on how to prepare for a variety of different situations. The disaster recovery plan should also be communicated to other key staff members, ensuring it’s understood.
  • Maintain up-to-date contact information. Should a disaster occur when key staff members are out of the office, you may need their latest contact details for such an emergency. Contact details should be updated on a regular, periodic basis.
  • Update your plan. As businesses change and technology develops, it’s important to regularly revisit your disaster recovery plan. Potential changes may involve a new antivirus software or cloud provider, for example.

Data loss and disaster recovery FAQs

What is disaster recovery?

Disaster recovery is a form of security planning that allows a business to maintain or recover infrastructure and systems following a disaster. With good planning, a business should be able to resume normal operations by regaining access to hardware, applications, and data. This is achieved through the use of a disaster recovery plan -- a set of policies and procedures to follow in the event of a disaster.

The disaster that impacts a business may be anything from a natural event such as a flood or earthquake to one that is man-made, whether by human error, a device failure, or a cyberattack. Disaster recovery involves planning for a variety of possible circumstances, allowing businesses to reduce overall downtime and save time, money, and customer trust.

Related post: Best Data Loss Prevention Software Tools

How does disaster recovery work?

The disaster recovery process involves a lot of planning and testing. First, risk assessment and business impact analysis needs to be carried out. Security vulnerabilities must be identified in order to draft an effective disaster recovery plan. Even when a disaster recovery plan is created, it must be tested and revisited on a regular basis.

Naturally, plans differ based on the type of disaster they’re addressing, each offering varying immediate, intermediate, and long-term responses with specific responsibilities assigned to select staff members. Aside from offering corrective measures in the event of a disaster, a disaster recovery plan should also have preventive measures in place as well as detective measures that help discover events that may otherwise be missed.

What causes data loss?

There are several ways data loss can occur, some of these include:

  1. Accidental deletion: This is the most common cause of data loss. Deleting files is easy, whether it’s an unintentional click or a mistaken keystroke. Unless you have a backup, files are usually gone for good once they're deleted.
  2. Hardware failure: Hard drives can fail without warning, leading to data loss. You'll be unable to recover lost files if you don't have a backup.
  3. Software glitches: Sometimes, the software can malfunction and cause data loss. This can happen due to a bug in the software or a conflict with another program.
  4. Viruses and malware: Viruses and other malicious software can delete or corrupt your files, leading to data loss. This is why it’s important to have antivirus protection and keep your software up to date.
  5. Natural disasters: Floods, fires, and other natural disasters can destroy physical hard drives, leading to data loss. This is why having off-site backups in a major disaster is important.