Cloud Hosting

Exclusive: Commvault's latest State of Data Readiness report for ANZ reveals that the rate of data growth is slowing, but post-attack recovery times are increasing.

Annual data growth rates fell to 33 percent in 2022-23, continuing the trend first seen in 2021-22 which saw a drop from 40 percent to 37 percent.

Commvault ANZ director of public sector and enterprise Jonathan Hatchuel told iTWIre that this is the result of organisations being more deliberate about collecting, holding and purging data, as well as increased governance of these activities.

For example, there is no need for an airport to keep for 20 years the information it collects from passengers who want to use its public Wi-Fi network, he said, nor to keep credit card numbers after a transaction has been successfully completed.

"There's definitely a higher level of governance," he said, and given the likelihood of being breached, a straightforward way to reduce risk is to avoid storing unnecessary data.

The cost of storage is still significant, so organisations still need to optimise its use this is the top data management challenge in 2023, according to the report, while data protection has moved up from fourth place in 2022 to third.

However, "data estates are still growing," he emphasised.

As for recovery times, there is a mismatch between senior executives' expectations and reality. The expectation at around two-thirds of organisations that a data outage that lasts more than five days is intolerable, but only one-fifth managed to recover in less than a week.

The 2021 report found 71 percent recovered in four weeks or less, but that fell to 46 percent in 2022 and 42 percent in 2023.

Furthermore, only 40 percent of organisations managed to recover all their data, down from 47 percent in the previous year, Hatchuel pointed out.

Worryingly, one percent of respondents said they were unable to recover any of their data after an attack.

The report also noted that "blended" storage is the default, with 62 percent of organisations having multi-cloud or hybrid cloud environments, and this is presenting challenges for data management and protection.

Organisations need to accept that they probably will be breached at some stage: "it shouldn't be like that, but it is," he warned.

Backup is "the last line of defence in any attack," so "it has to look different than it did five years ago" because "the brightest minds" are working on both sides of this battle and ongoing improvements are needed.

Part of the problem is that attackers are increasingly targeting primary, secondary and archive data simultaneously. This was the case for five percent of respondents in the 2022 report, but that leaped to 22 percent in 2023.

Commvault is the only company with deception technology built into its products, Hatchuel said. The idea is to "bait and deceive bad actors" by presenting them with fake but attractive documents and servers to keep them occupied, giving IT staff an opportunity to detect and block the attack.

"That's how it looks different [to other products]," he said.

The report was prepared for Commvault by Tech Research Asia, and was based on a survey of 376 companies with more than 100 employees in Australia and 50 employees in New Zealand.

A link to ANZ Market Analysis: The State of Data Readiness, 3rd edition will be added here once the report is available to the public.

Read this article:
Data growth slowing, recovery times increasing: Commvault - iTWire