data loss and disaster recovery statistics

If you own a business and don’t yet have a disaster recovery plan in place, these data loss statistics might make you think again.

1. 39% of SMBs don’t have an incident response plan

The Ponemon Institute’s 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses study found that more than one-third (39 percent) of small and medium-sized businesses don’t have an incident response plan in place for responding to data breaches and cyber attacks. This is in spite of the fact that of the same study participants, 60 percent had experienced a loss or theft of sensitive data in the previous 12 months.

This lack of preparedness could be extremely costly as businesses are required to scramble to return their systems to normal after an attack.

2. 22% of folders are not protected in any way

According to the 2019 Global Data Risk Report by Varonis, 22 percent of all folders used by a company are open to everyone. As you’d expect, the bigger the company, the more files that can potentially be compromised. For example, 80 percent of companies with over 1 million folders have over 50,000 folders open to everyone.

Varonis data loss statistics.
Source: Varonis

Attackers look for unsecured folders such as these. Files that are open to anyone can provide easy access to sensitive information, putting organizations at risk.

3. 28% of data breaches involve malware

Causes for data loss range from human error to physical theft. However, according to Verizon’s 2020 Data Breach Investigations Report, a type of malware was involved in some 17 percent of data breaches.

Data loss malware

The number of mobile malware infections decreased in 2019, but according to Sophos Labs, mobile attacks are becoming more sophisticated each year. Needless to say, it’s important to use quality, up-to-date antivirus software to help prevent data loss caused by malware.

4. An incident response team can drastically reduce the cost of a data breach

The Ponemon Institute’s Cost of a Data Breach Report 2019 puts the average cost of a data breach at $3.92 million, with healthcare being the most costly industry. The average time taken to identify and contain a data breach is a whopping 279 days.

As expected, the shorter the lifecycle of the breach, the better. A breach lasting under 200 days costs $1.2 million less than one with a lifecycle longer than 200 days.

IBM Ponemon highlights.
Source: IBM

An interesting statistic in this report is that companies that form an incident response team can reduce the average cost of a breach by $360,000. Another way to reduce the average cost by the same amount is to use encryption extensively.

5. 0.89% of hard drives failed in 2020

As many of us have found to our cost, hard drives can and do fail. According to Backblaze, the failure rate for hard drives in Q3 of 2020 was 0.89%. This is particularly significant as it shows a real improvement from Q1, which already had the lowest failure rate on record (1.07%).

You can protect yourself from losing data in such an event by having a reliable data backup solution. For many, this may entail having a backup hard drive in a physical off-site location or storing files on the cloud.

6. Ransomware attacks cause an average of 16.2 days of downtime

Ransomware makes files on the target system unreadable without a decryption key (held by the attacker). Typically, ransomware works by encrypting select files, then forcing the victim to pay up in order to decrypt them.

A Q4 2019 Coveware study reported that the average downtime for businesses as a result of a ransomware attack was 16.2 days. This was up a significant amount from 12.1 days in the previous quarter. In Q2 of 2020, this dropped to 16 days — a small but nonetheless welcome improvement.

The report explains that the increase is due to more attacks hitting larger enterprises. These businesses have more complex systems and restoring networks takes longer than it does for smaller businesses. In addition, some forms of ransomware, such as the Ryuk attack, have evolved such that they are having a larger impact on victims’ networks.

Coveware ransomware amounts statistics.
Source: Coveware

Aside from suffering the costs of downtime, companies are having to fork over larger ransoms than ever before. The average Q4 2019 ransomware payment was $84,116, more than double that of the previous quarter ($41,198).

7. 97% of data is recovered after a ransomware attack

It’s true that when you pay the fee demanded by ransomware, there’s no guarantee that you’ll receive a working decryption key. And even if you do get a key, you still may not recover all of your data.

Ransomware disaster recovery statistics.
Source: Coveware

That said, it’s not all doom and gloom as the Coveware study found that in Q4 of 2019, the number of victims who received a working decryption key was about 98 percent. In addition, 97 percent of data encrypted by ransomware was successfully decrypted after paying the ransom.

Note that even if you manage to decrypt all of your files, there’s nothing to stop the criminal from maintaining copies. Information could be stored and used in subsequent crimes, for example, in fraud or spear-phishing attempts.

8. The average cost of downtime is up to $11,600 per minute

According to Datto: “An hour of downtime costs $8,000 for a small company, $74,000 for a medium company and $700,000 for a large enterprise.” For large enterprises, this equates to around $11,600 per minute.

Datto disaster recovery statistic.
Source: Datto

Needless to say, this emphasizes the importance of having an effective disaster recovery plan that allows a business to continue operations as normal.

9. 93% of small businesses store data or backups in the cloud

According to promising results from a Unitrends’ 2019 survey, 84 percent of all businesses store data or backups in the cloud, with a further eight percent planning to do so within the next year.

Small enterprises have a higher adoption rate of cloud technology, with 93 percent of companies using it. This is compared to 82 percent of mid-sized businesses and 81 percent of large businesses. Using cloud backup offers a number of advantages including ease of access and affordability.

The report also found that cloud-based Disaster Recovery-as-a-Software (DRaaS) will be used by 59 percent of businesses by 2021. Currently, 36 percent of businesses use this, and a further 23 percent plan to add the technology within the next year.

10. 96% of business experienced an outage in a 3-year period

A 2019 LogicMonitor study reported that the huge majority (96 percent) of organizations have experienced at least one outage in the past three years and 95 percent had experienced at least one brownout.

LogicMonitor results.
Source: LogicMonitor

A large portion of companies (55 percent) experienced five or more outages during that period. The same report reveals that IT decision-makers believe that 51 percent of outages and 53 percent of brownouts are avoidable.

Of course, outages and brownouts have related costs, including lost revenue, compliance failure, and lost productivity. LogicMontor found that companies experiencing frequent outages or brownouts had 16 times higher costs than organizations that experience fewer such instances.

What is disaster recovery?

Disaster recovery is a form of security planning that allows a business to maintain or recover infrastructure and systems following a disaster. With good planning, a business should be able to resume normal operations by regaining access to hardware, applications, and data. This is achieved through the use of a disaster recovery plan — a set of policies and procedures to follow in the event of a disaster.

The disaster that impacts a business may be anything from a natural event such as a flood or earthquake to one that is man-made, whether by human error, a device failure, or a cyberattack. Disaster recovery involves planning for a variety of possible circumstances, allowing businesses to reduce overall downtime and save time, money, and customer trust.

Related post: Best Data Loss Prevention Software Tools

How does disaster recovery work?

The disaster recovery process involves a lot of planning and testing. First, risk assessment and business impact analysis needs to be carried out. Security vulnerabilities must be identified in order to draft an effective disaster recovery plan. Even when a disaster recovery plan is created, it must be tested and revisited on a regular basis.

Naturally, plans differ based on the type of disaster they’re addressing, each offering varying immediate, intermediate, and long-term responses with specific responsibilities assigned to select staff members. Aside from offering corrective measures in the event of a disaster, a disaster recovery plan should also have preventive measures in place as well as detective measures that help discover events that may otherwise be missed.

Tips for an effective disaster recovery plan

There are a number of things that your business can do in order to prevent and prepare for a disaster, whether natural or man-made.

Here’s how to make a disaster recovery plan:

  • Back up data and send it to physical off-site locations. You may also wish to use cloud storage. Either way, backups should be made on a regular basis to ensure minimal disruption should you lose data in a disaster.
  • Test your disaster recovery plan. Carrying out practice drills can help determine the overall effectiveness of the plan. This way, you can modify the plan if you find anything that doesn’t work in practice.
  • Establish a disaster recovery team. The team should receive regular training on how to prepare for a variety of different situations. The disaster recovery plan should also be communicated to other key staff members, ensuring it’s understood.
  • Maintain up-to-date contact information. Should a disaster occur when key staff members are out of the office, you may need their latest contact details for such an emergency. Contact details should be updated on a regular, periodic basis.
  • Update your plan. As businesses change and technology develops, it’s important to regularly revisit your disaster recovery plan. Potential changes may involve a new antivirus software or cloud provider, for example.