20% of Data Breaches Require Two Weeks to Recover
▼ Summary
– A majority of surveyed organizations (87%) face up to two weeks of recovery and millions in costs following a serious endpoint security breach.
– Over half (55%) of the CISOs reported a disruptive cyber-attack in the past year, with most remediation efforts taking 3-6 days.
– The financial impact is significant, with 98% of organizations spending $1-5 million to recover, averaging $2.5 million per incident.
– Despite the critical need, the number of organizations with a dedicated cyber-resilience strategy has declined sharply from the previous year.
– CISOs are increasingly held responsible for leading recovery, with 59% concerned about job loss or liability from major downtime incidents.
Recovering from a major data breach is a costly and time-consuming ordeal for modern businesses. A recent study reveals that for a significant portion of organizations, restoring endpoint functionality after a serious security incident can take up to two weeks and cost millions of dollars. This underscores the critical need for robust cyber-resilience strategies that prioritize rapid recovery alongside traditional security measures.
The research, which surveyed 750 Chief Information Security Officers (CISOs) in the US and UK, found that more than half had experienced a disruptive cyber-attack, ransomware infection, or data breach in the past year. These incidents specifically knocked mobile, remote, or hybrid endpoint devices offline, crippling business operations. While most organizations reported taking between three and six days for full remediation, a concerning 19% required seven to fourteen days to recover. The financial toll is equally staggering, with the vast majority of companies spending between one and five million dollars per incident, averaging $2.5 million.
“The inevitable reality is that every organization will eventually face an attack or IT incident that halts business,” noted Christy Wyatt, president and CEO of Absolute Security. “Companies unprepared for a swift recovery confront an existential threat, as extended downtime can literally crush operations.” She emphasized that security leaders must broaden their focus beyond prevention to become the driving force for maintaining consistent, uninterrupted business functions.
Despite these stark realities, the report indicates a troubling decline in organizational preparedness. This year, 68% of respondents stated their company has a cyber-resilience strategy, and 65% said their firm prioritizes resilience over traditional security methods. These figures represent a significant drop from the previous year, when 90% and 83% reported the same, suggesting that resilience efforts are waning just as threats intensify.
This gap places immense pressure on CISOs, who are increasingly held accountable for resilience shortcomings. Seventy-two percent of surveyed CISOs confirmed their role now includes leading recovery efforts after a major breach that stops operations. Furthermore, 59% expressed concern that a major IT incident causing prolonged downtime could result in job losses, personal liability, or legal penalties for them personally.
The devastating operational and financial consequences of such breaches are not theoretical. Last year’s ransomware attacks on major corporations like Marks & Spencer and Jaguar Land Rover serve as potent examples. The attack on Jaguar Land Rover had an estimated economic impact of £1.9 billion, while Marks & Spencer faced costs around £300 million, illustrating how quickly a security event can escalate into a severe business crisis.
(Source: InfoSecurity Magazine)
