Half of Organisations Have Suffered a Cyberattack or Incident That Prevented Access to Data in 2023

Over half (54%) of organizations suffered a cyberattack or incident that prevented access to data last year, according to the 2023 Dell Technologies Global Data Protection Index survey of 1,000 IT decision-makers (ITDMs) and 500 IT security decision-makers.

Respondents report that IT disruption is commonplace, with the vast majority (90%) saying their organizations experienced some form of IT disruption in 2023. External security breaches were the most cited (40%) cause of data loss and/or systems downtime within organizations. Over half (55%) of those who experienced a cyberattack event said attackers’ first point of entry was external – users clicking on spam or phishing emails and malicious links, compromised user credentials and hacked mobile devices.

Looking to the implications, respondents said that disruptions that include data loss cost on average USD $2.61 million in 2023, accounted for an average of 26 hours of unplanned downtime and resulted in an average of 2.45TB worth of data loss. Costs associated with cyberattacks and related incidents have also doubled, up from USD $0.66 million in 2022 to USD $1.41 million in 2023.

Generative AI and Cybersecurity

Generative AI (GenAI) is emerging as a strategic tool for bolstering defences, with 52% of those surveyed saying that integrating GenAI will provide an advantage to their organization’s cybersecurity posture. However, showing the dual nature of GenAI as both a defensive asset and source of complexity, 88% also agreed that the adoption of GenAI will generate large volumes of new data. The same percentage (88%) agreed that GenAI will amplify the value of specific data types.

“The rise of Generative AI and expansion into hybrid, multi-cloud environments have put cyber resilience and effective incident recovery front-and-centre for organizations,” said Dermot O’Connell, senior vice president of EMEA Services for Dell Technologies. “Data is crucial in today’s digitally transformed world, making it both a vital resource and a priority target.”

Looking to ransomware attacks, responses suggest an over-confidence surrounding the consequences of a breach. 74% believe that if their organizations experience an attack, they would get all of their data back if they paid the ransom, and 66% believe that once they pay the ransom, they won’t be attacked again. The majority (93%) stated that their organizations have ransomware insurance policies, but only 28% of those who experienced an attack said their organizations were fully reimbursed through the policy.

Survey responses also suggest ransomware policies are heavily caveated. 57% said their organization had to prove ‘best practice’ cyber threat prevention, 43% said their policy limited claim pay-outs and 40% said particular scenarios voided their policy. Read the full research report at Global Data Protection Index Report.

Sample: Survey of 1,000 IT decision makers and 500 IT security decision makers globally commissioned through Vanson Bourne and completed in September and October 2023. Unless otherwise specified, only the results from the 1,000 IT decision makers are referenced when making historical comparisons.