New global research commissioned by Cohesity, a pioneer in next-gen data management, reveals that half of the respondents in the United Kingdom say their company depends on outdated, legacy backup and recovery infrastructure to manage and protect their data.
In some cases, this technology is more than 20 years old and was designed long before the current multi-cloud era and an onslaught of sophisticated cyberattacks plaguing enterprises globally.
Cyber attack efficiency
Challenges to outdated infrastructure could easily be compounded by the fact that many IT and security teams don’t seem to have a plan in place to mobilise if and when a cyber attack occurs.
More than 6 in 10 (62%) respondents in the UK expressed some level of concern that their IT and security teams would be able to mobilise efficiently to respond to the attack.
Lack of data management
Cybercriminals are actively preying on outdated infrastructure as it was not built for multi-cloud environments"
“IT and security teams should raise the alarm bell if their organisation continues to use antiquated technology to manage and secure their most critical digital asset – their data,” said Brian Spanswick, the Chief Information Security Officer at Cohesity.
Brian Spanswick adds, “Cyber criminals are actively preying on this outdated infrastructure as they know it was not built for today’s dispersed, multi-cloud environments, nor was it built to help companies protect and rapidly recover from sophisticated cyberattacks.”
Backup and recovery infrastructure that could be archaic
Fifty percent (49.4%) of respondents in the UK said that their organisation relies on primary backup and recovery infrastructure that was designed in, or before, 2010. Among that group, 27 percent claim to utilise technology that was either designed between 2000-2005, or in fact, before the new millennium in the 1990s.
Legacy technology
Enterprises are utilising this legacy technology even though managing and securing data environments has become much more complex, not just because of the exponential growth in structured and unstructured data, but because of the vast array of locations where that data is stored.
In the UK, 38% percent of respondents stated that they store data on-premises, 39% rely on public cloud storage, 50% utilise a private cloud, and 41% have adopted a hybrid model (some respondents are using more than one option).
Outdated data infrastructure
In 2022, the fact that any organisation is using outdated technology can create massive compliance issues"
“In 2022, the fact that any organisation is using technology to manage their data that was designed in the 1990s is frightening given that data can be compromised, exfiltrated, held hostage, and it can create massive compliance issues for organisations,” said Spanswick.
“In this survey, we easily found respondents who said their organisations are relying on very outdated data infrastructure, and this raises the question, how many other businesses are in the same situation around the world?”
What keeps IT and SecOps up at night
Respondents in the UK highlighted what they believe would be their biggest barriers to getting their organisation back up and running after a successful ransomware attack. The findings are as follows (respondents were asked to check all that apply):
- Integration between IT and security systems (41%);
- Lack of coordination between IT and Security (37%);
- Lack of an automated disaster recovery system (34%);
- Lack of and timely detailed alerts (31%)
- Antiquated backup and recovery systems (29%);
- Lack of a recent, clean, immutable copy of data (24%);
Improving data visibility
Next-gen data management platforms help stay one step ahead of cybercriminals in exfiltrating data"
“Both IT decision-makers and SecOps should co-own the cyber resilience outcomes, and this includes an evaluation of all infrastructure used by the NIST framework for data identification, protection, detection, response, and recovery. Also, both teams need to have a comprehensive understanding of the potential attack surface,” said Spanswick.
“Next-gen data management platforms can close the technology gap, improve data visibility, help IT and SecOps teams sleep better at night, and stay one step ahead of bad actors who take great delight in exfiltrating data from legacy systems that can’t be recovered.”
About the research
April 2022 survey, conducted by Censuswide, of more than 2,000 IT and SecOps professionals (split nearly 50/50 between the two groups) in the United States, the United Kingdom, Australia, and New Zealand. 504 respondents were based in the UK.
All respondents play a role in the decision-making process for IT or security within their organisations.