With traditional approaches, enterprises often struggle to gain insights across unstructured data and text. This challenge only grows as the amount of unstructured data increases. With unstructured data representing more than 80 percent of all corporate data, companies are often forced to run queries and compile reports based on a small subset of data—the information stored in structured systems. As a result, reports and analyses may be incomplete or inaccurate, with valuable insight still locked inside disparate unstructured systems.

Cohesity Gaia brings the power of generative AI to enterprise data, dramatically improving the speed and quality of insights available for a variety of use cases. The solution indexes and provides insight based on data stored in many popular formats, including emails, documents, PDFs, text files, spreadsheets, HTML, XML, and presentations.

Gain Insights Faster with Auto-Generated Themes and Topics for Thousands of Documents

One of the biggest challenges users face when working with vast datasets is having access to data but not knowing where to begin or what valuable insights can be retrieved. Cohesity Gaia overcomes this by automatically providing a visual representation of the data, sorted by themes, giving users a clear starting point. The new visual explorer uses topic modeling, a set of advanced AI techniques with natural language processing, to instantly identify hidden thematic structures across documents and files. This deep insight and context into the nature of the data offers a framework for better understanding, empowering users to ask more informed and targeted questions as they search.

The Gaia visual data explorer further simplifies this process by allowing users to click through each theme, ask conversational questions, and interact with intelligent, context-aware prompts to quickly find the most relevant information. Aligned with Cohesity’s responsible AI commitment, Gaia gives customers insight into their data while keeping it secure and compliant with regulatory requirements.

Cohesity will host a series of AI workshops to give customers and prospects a hands-on look at the first-of-its-kind visual data explorer and learn more about how Cohesity Gaia can help unlock new insights from their business. For more information on the AI workshops, visit our website.

“By addressing the challenge of managing and extracting insights from unstructured data across disparate systems, Cohesity Gaia and its new visual data explorer have the potential to revolutionize data accessibility for enterprises,” said Chirag Mehta, Principal Cybersecurity Analyst with Constellation Research. “This innovation not only could enhance data security and compliance but could also empower business users of enterprise customers with deeper, more contextual insights, significantly benefiting the decision-making process and operational efficiency.”

Access Vast Amounts of Data Stored in Sharepoint and NAS environments with Generative AI

Cohesity has also expanded support for new workloads and data sources within Gaia. Cohesity customers can now analyze corporate data protected on the Cohesity platform from Microsoft 365 Mail, Microsoft 365 Sharepoint, and Microsoft 365 OneDrive, as well as on-prem or cloud-based file servers, including popular systems like Dell EMC Isilon, Netapp NAS, physical file servers, and Cohesity Smartfiles.

The new visual data explorer feature in Cohesity Gaia visually maps customers’ data sets based on semantic indexing and creates a list of suggested questions and queries, illustrated here using test data.

To learn more about Cohesity Gaia visual data explorer, visit the website here.

Related News:

Cohesity Integrates with Crowdstrike to Level the Playing Field

Cohesity Data Cloud Updates and GenAI Detection and Recovery

The post Cohesity Announces New AI Enhancements for Visual Data Explorer appeared first on Digital IT News.

According to CrowdStrike’s 2024 Global Threat Report, adversaries have shifted to more effective tactics, such as credential harvesting and exploiting vulnerabilities, bypassing legacy defenses while using AI and other advanced technologies to rapidly evolve their techniques. Through the latest integration between Cohesity Data Cloud with CrowdStrike Falcon Adversary Intelligence, the partnership is leveling the playing field against sophisticated cyber threats.

Cohesity’s data protection solution, combined with CrowdStrike’s industry-leading threat intel feeds, which tracks over 250 adversaries and incorporates indicators of compromise (IOCs), enables mutual customers to identify the latest threats in their backup copies with higher fidelity and accuracy. The powerful combination offers greater visibility into the attack by providing the latest intelligence on emerging threats while minimizing the attackers’ advantages. Threat hunting on Cohesity backup copies allows customers to investigate stealthily and passively so that adversaries or containment or response activities do not impact investigations.

By implementing Cohesity’s clean room design and integrated tooling, customers gain specialized forensic capabilities to analyze malware, investigate breaches, and understand attack vectors without risking contamination of their broader IT environment.

“Elevating your organization’s threat detection and response is crucial in today’s threat environment, especially with AI at the disposal of cyber adversaries,” said Craig Martell, Chief Technology Officer, Cohesity. “Secondary data estates offer a perfect opportunity for minimizing attackers’ advantages and, together with CrowdStrike, our customers can enhance their threat hunting and response and automate defenses across their security stack.”

Cohesity is focused on bringing together the best of the security industry, allowing customers to choose the right solutions for them without sacrificing functionality or adding complexity. This flexibility allows for a more tailored security posture that can adapt to emerging threats and changes in the IT environment.

“Our continued partnership with Cohesity and latest joint efforts reflect our shared commitment to cyber resilience,” said Daniel Bernard, chief business officer, CrowdStrike. “To stay ahead, enterprises benefit from streamlining threat intelligence and response efforts while also harnessing their vast secondary data to gain security insights. This integration provides the technology and intelligence they need to reduce risk.”

By partnering with industry leaders like CrowdStrike, Cohesity solutions can better safeguard organizations’ digital assets in today’s dynamic threat environment. For more information on this new Cohesity integration with CrowdStrike, visit the website here.

Related News:

Cohesity Data Cloud Updates and GenAI Detection and Recovery

How to Prevent a CrowdStrike IT Outage Repeat

The post Cohesity Integrates with Crowdstrike to Level the Playing Field appeared first on Digital IT News.

According to respondents, companies’ cyber resilience strategies are holding up against a worsening cyber threat landscape, with close to 4 in 5 (78%) respondents saying they have confidence in their company’s cyber resilience strategy and its ability to ‘address today’s escalating cyber challenges and threats’.(²⁾ At the same time, over 2 in 3 (67%) respondents revealed they had been the ‘victim of a ransomware attack’ in 2024; 96% said the threat of cyberattacks to their industry would increase or had increased this year, with close to 3 in 5 (59%) saying it had or will increase by over 50% compared to 2023.

Organizations Are Paying Ransoms & Breaking ‘Do Not Pay’ Policies
However, despite the majority of respondents saying they were ‘mostly confident’ or had ‘complete confidence’ in their organization’s cyber resilience strategy, only 6% of respondents said their company would not pay a ransom to recover data and restore business processes, or do so faster, with 83% saying they would(³⁾. In fact, 3 in 4 (75%) respondents globally said their company would be willing to pay over US$1 million in ransoms to recover data and restore business processes, and over 1 in 5 (22%) said their company would be willing to pay over US$5 million.

Concerningly, close to 7 in 10 (69%) respondents said their organization had paid a ransom in the last year, before being surveyed, despite 77% saying their company had a ‘do not pay’ policy. The more than 2100 respondents, who have paid a ransom, said they had paid ransoms(⁴⁾  in the past year totaling:

• 37% have paid ransom(s) between US$1 – US$249,999
• 23% have paid ransom(s) between US$250,000 – US$499,999
• 23% have paid ransom(s) between US$500,000 – US$999,999
• 12% have paid ransom(s) between US$1,000,000 – US$2,999,999
• 6% have paid ransom(s) between US$3,000,000 – US$9,999,999
• 0.33% (7 respondents) have paid ransom(s) between US$10,000,000 – US$25,000,000

“The reality for organizations is that destructive cyberattacks, like ransomware, are a ‘when’ not ‘if’ reality that threatens their business continuity. However, organizations can tackle this reality head-on by enhancing their cyber resilience – the ability to rapidly respond and recover from cyberattacks or traditional business continuity scenarios – by adopting modern data security, response, and recovery capabilities,” said Brian Spanswick, CISO and CIO, Cohesity. “Organizations may have the greatest confidence in their cyber resilience, both in their strategy and capabilities, but the reality is that the majority are paying ransoms or would pay a ransom, so organizations are overconfident or overestimate their cyber resilience.”

Companies’ Confidence In Cyber Resilience Doesn’t Match Recovery & Restoration Realities

Cyber resilience is the technology backbone for business continuity. Cyber resilience defines companies’ ability to recover their data and restore business processes when they suffer a cyberattack. However, cyber resilience remains a challenge that threatens business continuity, according to respondents:

• Only 2% of respondents said they could recover data & restore business processes within 24 hours
• 18% said their company could recover data and restore business processes within 1-3 days
• 32% said they could recover and restore in 4 to 6 days, while 31% would need 1-2 weeks
• Almost 1 in 6 (16%) need over three weeks to recover data and restore business processes

Conversely, when asked what their organization’s ‘targeted optimum recovery time objectives (RTO) to minimize business impact in the event of a cyberattack or incident of compromise’ was, 98% of respondents said their target was within one day, despite only 2% saying they could recover data and restore business processes within this same period. Almost 1 in 2 (45%) said their targeted optimum RTO was within two hours.

Customers and consumers expect consistent continuity of operations or services, which is why effective cyber resilience is vital. Yet, only 2% said their organizations’ tolerance to disruption of business continuity and downtime due to a cyberattack or data breach was within 24 hours. In fact, 31% of respondents said their business’ tolerance for downtime was between 1-3 days, 53% said up to 4-6 days, and 12% said more than a week. Interestingly, almost 1 in 2 (49%) respondents said they had stress-tested their ‘data security, data management, and data recovery processes or solutions’, by simulating a response to a cyber event or data breach, in the past six months.

Zero Trust Security & Data Privacy Remains A Challenge Despite Enhanced Regulations & Legislation

Over half (54%) of respondents said their ‘centralized visibility’ of critical data between IT & Security could be improved to detect anomalies and determine sensitive data exposure or breaches. When asked about their data access control measures to align with zero trust security principles, barely more than half of companies had deployed multi-factor authentication, and less than half had deployed features requiring multiple approvals before changes to data or role-based access controls:

• Multi-factor Authentication (MFA): 52%
• Quorum Controls or Administrative Rules requiring multiple approvals: 49%
• Role-Based Access Control (RBAC): 46%

“The most vital element of cyber resilience is the ability to recover business-critical data that restores key business processes. But you can’t restore critical data if you don’t secure it first from external or internal threats. This starts with deploying effective data access controls like multi-factor authentication (MFA) and role-based access controls (RBAC),” said Brian Spanswick, CISO and CIO, Cohesity. “The fact that almost 1 in 2 organizations are not implementing these controls to protect sensitive data is alarming and demonstrates a significant risk to an organization’s cyber resilience. Especially given that everyday consumers and end-users are often – and rightly – required to have MFA enabled to secure their account credentials, with MFA also an important defense measure against AI-based attack techniques.”

Despite governments and public institutions going to great lengths to encourage more robust cybersecurity, data protection, and data privacy measures, only 42% of respondents said they had all the IT & Security technology capabilities to identify sensitive data and comply with applicable data privacy laws and regulations. Yet, 79% of respondents also said that ‘advanced threat detection, data isolation, and data classification were vital’ to their organization’s qualification for cyber insurance or to secure discounts on their cyber insurance policies.

When asked ‘What, if any, industries and/or sectors do you think are most impacted by cyberattacks?’, respondents selected these as the ‘Top 7’ industries or sectors most impacted(⁵⁾:

Globally:

1. IT & Technology – 40%
2. Banking & Wealth Management – 27%
3. Financial Services (including insurance companies) – 27%
4. Telecommunications & Media (including streaming services) – 24%
5. Government & Public Services – 23%
6. Utilities (including Water, Electricity, Gas, and other energy services companies) – 21%
7. Manufacturing – 21%

AI A Plus & Minus In Managing Escalating Cyber Threats

According to respondents, organizations must now contend with AI-based cyberattacks or cyber threats, with 4 in 5 (80%) respondents saying they had responded to what they believe to be AI-based attacks or threats within the last 12 months. Of those respondents who said: “Yes”, 82% said they had the ‘necessary AI-powered solutions to counter and respond to these attacks.’ Of the 18% who said they had not responded to AI-based cyberattacks or cyber threats in the past year, less than half (49%) said they have the ‘necessary AI-powered solutions to counter and respond to these attacks’, over a third (36%) said they do not, and close to 1 in 7 (15%) said they were unsure.

“Cyber resilience is critical because the incentive and motivation of attackers is so high, with attack surfaces incredibly vast, so a reliance on protective controls is unrealistic,” said Brian Spanswick, CISO and CIO, Cohesity. “Successful cyberattacks and data breaches severely disrupt business continuity, impacting revenue, reputation, and customer trust. This risk must be at the forefront of business leaders’ priorities, not just IT and Security leaders. Similarly, regulation and legislation should not be seen by companies as the ‘ceiling,’ but instead the ‘floor,’ in both developing cyber resilience and adopting data security or recovery capabilities.”

About the survey:
The findings are based on a survey of 3139 IT & Security decision-makers (split as close to 50:50 as possible) commissioned by Cohesity and conducted by Censuswide between 27.06.2024 – 18.07.2024. The top five industries that respondents selected as best representing their company’s operations were IT & Telecommunications, Manufacturing, Financial Services (incl. Insurance), Banking & Wealth Management, and Hospitals & Healthcare. Censuswide abides by and employs the Market Research Society members, follows the MRS code of conduct and ESOMAR principles, and is a member of the British Polling Council.

Learn more about how Cohesity can improve your cyber resilience strategy and data security at the website here.

Related News:

Cohesity Data Cloud Updates and GenAI Detection and Recovery

AMD EPYC CPU-Powered Solutions Offers Cohesity Customers More Choices

⁽¹⁾ Respondents were polled in: Australia, France, Germany, Japan, Malaysia, Singapore, the United Kingdom, and the United States.
⁽²⁾ Respondents were provided with the NIST definition of cyber resiliency at the start of the survey: “The ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources. Cyber resiliency is intended to enable mission or business objectives that depend on cyber resources to be achieved in a contested cyber environment.”
⁽³⁾ 11% said ‘maybe, depending on the ransom amount.’
⁽⁴⁾ Respondents were asked to select the ransom amount they had paid with the last year, or if they had paid multiple ransoms to select the total amount of the ransoms they had paid.
⁽⁵⁾ Respondents were asked to select their ‘Top 7. This is why the percentage figures total over 100% for this data set.

The post Cyber Resilience Strategy Found Overestimated Research Finds appeared first on Digital IT News.

As cyber threats such as ransomware continue to proliferate, organizations are handicapped by a lack of expertise in responding to these threats. According to the World Economic Forum’s 2024 Global Cybersecurity Outlook, 36% of executives said that skills gaps are the main challenge they face in achieving their cyber-resilience goals. The Cohesity Data Cloud updates solve a very real and vexing industry challenge: constrained by IT budgets and cybersecurity expertise shortages, organizations need comprehensive data security, management, and recovery solutions that simplify the process of identifying actionable threats and events, mitigating issues, and recovering quickly from incidents.

To aid these customers, Cohesity enhanced its AI-powered cyber recovery assistant tool for the Cohesity Data Cloud, providing expert guidance on the appropriate response. Using security context as input to GenAI and complementing this multiple sources including threat hunting scans, ransomware detection, data risk and posture, among others, customers can receive an alert to anomalous behaviors. They are then able to have a conversation to assess the impact of the anomaly and correlate events, and get direction on the right next steps on investigation and any remediation that could be needed–all from within the wizard without the need for specialized cyber response expertise. This expert guidance helps give customers a better understanding of the anomaly and its impact and enables them to engage the Security Operations team with confidence for a timely incident response so companies can quickly return to normal business operations.

“Threat actors are increasingly relying on AI to not only create more sophisticated attacks, but to also increase their volume drastically,” said Craig Martell, Chief Technology Officer, Cohesity. “We’re giving our customers the tools to fight fire with fire, helping them take on these threats to their environment and move on from them quickly, ensuring business goes on as usual. The enhanced cyber recovery assistant and clean room design will make our customers more resilient, and we’re continuing to innovate more responsible, AI-powered capabilities to the Cohesity Data Cloud.”

Cohesity’s clean room design provides a trusted and proven foundation that speeds incident recovery and augments investigations by Security Operations teams while minimizing the risk of secondary attacks. The modular design helps isolate the attack or breach within minutes and provides several native capabilities to support the SecOps team’s needs in the clean room investigation. Cohesity Data Cloud’s threat-hunting capability provides incident responders with a curated feed, helping the organization understand the adversary’s techniques throughout the attack’s lifecycle, interacting with engineers in real-time and real-language. DataProtect delivers rapid access to system snapshots over the incident timeline, allowing forensic analysis of filesystems and evidence collection. With a better understanding of the incident’s full scope, teams can mitigate threats faster, allowing customers to return to normal business as quickly as possible.

 “We’re always looking for new opportunities to bolster our cyber resilience and ensure we’re well-prepared to endure threats that are only growing in volume and sophistication,” said Tim Fleming, Director of Technology Services, Forsyth County Schools. “Cohesity is constantly innovating and giving us new tools to secure and manage our data. That’s why we believe they’re the perfect partner to help simplify and optimize our security operations so we can stay focused on what matters to our district: driving value for our students.”

The cyber recovery assistant and clean room design are available in the Cohesity Data Cloud.

To learn more about Cohesity Data Cloud, visit the website here.

Related News:

AMD EPYC CPU-Powered Solutions Offers Cohesity Customers More Choices

Confidential Computing Capabilities with Cohesity and Intel Collaboration

The post Cohesity Data Cloud Updates and GenAI Detection and Recovery appeared first on Digital IT News.

“Customers each have unique needs but a common goal – securing and gaining insight from their data. They trust Cohesity, in part, because we strive to offer the largest ecosystem with the most choices to suit their preferences,” said John Davidson, group vice president, Americas Sales, Cohesity. “By supporting AMD EPYC CPU-powered servers, we’re opening up new options for our customers to customize and modernize their data center, increasing performance and delivering energy, space, and cost savings so they can execute their data security and management strategy on their preferred hardware configurations.”

All-flash servers have become an increasingly popular choice for organizations with high-demand applications and workloads, stringent power budgets for their data centers, or increasing storage capacity requirements and little physical space within their data center. Leveraging the performance, cost efficiency, and energy efficiency of AMD EPYC CPUs, Cohesity now delivers compelling AMD-powered all-flash servers from HPE to modernize customer data centers and meet the requirements of green initiatives through the greater density, performance, and cost savings all-flash servers provide over traditional servers. Single-socket 1U HPE servers based on AMD EPYC can reduce the number of required nodes and power costs by up to 33% when compared with dual-socket 2U servers based on other CPUs. Additionally, through the HPE Secure Supply Chain, Cohesity’s software is preloaded at the factory, reducing deployment and increasing the security of the overall solution.

“Businesses increasingly demand more from their data centers to meet their business needs —more performance, more energy efficiency, more cost savings,” said Kumaran Siva, corporate vice president, Strategic Market Development, AMD. “AMD is uniquely positioned to help meet the demands of the modern data center while enabling technology partners, like Cohesity, to deliver business critical applications like their AI-powered data security and management capabilities.”

Cohesity’s AI-powered data security and management capabilities are now generally available on AMD-powered all-flash servers from HPE and hybrid servers from Dell and Lenovo.

Learn more about Cohesity Data Cloud supporting AMD EPYC CPU-powered servers by reading the blog: “Revamping Your Data Centers with Cohesity on HPE Next-Gen Compute, Powered by AMD” here.

Related News:

Confidential Computing Capabilities with Cohesity and Intel Collaboration

Cohesity DataProtect Integration with Microsoft 365 Brings Enhanced Security

The post AMD EPYC CPU-Powered Solutions Offers Cohesity Customers More Choices appeared first on Digital IT News.

The post Dr. Martell Appointed as Cohesity’s Chief Technology Officer appeared first on Digital IT News.

Together, Cohesity and Intel are solving one of the most pressing cybersecurity challenges for CIOs. Traditionally, options have been limited for protecting data in use while it is actively processed in memory, which can leave data unencrypted and vulnerable to insider attacks. Confidential computing enabled by Intel® Software Guard Extensions (Intel® SGX) will support Cohesity customers to reduce the risk posed by potential bad actors accessing data while it is being processed in main memory. This is especially critical for highly regulated industries like financial institutions, healthcare, and government.

Cohesity’s flagship platform, Cohesity Data Cloud, has long included many proven and cutting-edge technologies to help the world’s largest organizations manage and secure their most critical data from cyber criminals. Cohesity and Intel are joining forces to reduce customers’ risk of cyber threat by:

• Creating a unique solution that will protect encryption keys that secure customer data in a hardware-secured environment leveraging Intel SGX for confidential computing in the cloud.
• This solution dramatically reduces the risk posed by data exfiltration, as the data is not viewable or downloadable by any privileged accounts when the data is being processed in memory as it is encrypted.
• Providing a way for Cohesity customers to verify that their Intel SGX is legitimate by using Intel® Trust Authority, which has the latest patches and only runs the dedicated Cohesity application before extracting the data encryption key.

“We are relentlessly focused on innovation that furthers our mission: To protect, secure, and provide insights into the world’s data. Collaborations with the biggest and most trusted names in tech, like Intel, are the reason why the largest global enterprises rely on us to strengthen their business resilience,” said Sanjay Poonen, CEO and President of Cohesity. “With Intel SGX, Intel Trust Authority, and confidential computing, our customers will benefit from reduced risk and increased security in cloud environments, allowing them to focus on what really matters, their business.”

“Intel is a pioneer and leader in data center confidential computing technologies, enabling customers, especially those handling sensitive or highly regulated data, to address their needs of confidentiality, integrity, and attestation for their workloads,” said Greg Lavender, executive vice president and chief technology officer at Intel Corporation. “Cohesity’s adoption of our technology reflects the growing customer need to protect critical data in the cloud and advances our common goal of delivering a secure computing environment combined with the trust customers expect.”

Read more about how Intel and Cohesity use confidential computing to protect secondary data in this blog.

The post Confidential Computing Capabilities with Cohesity and Intel Collaboration appeared first on Digital IT News.

Alarmingly, close to 8 in 10 (79%) respondents said their company had been the ‘victim of a ransomware attack’ between June and December. The cyber threat landscape is expected to get even worse in 2024, with 96% of respondents saying the threat of cyberattacks to their industry will increase this year and over 7 in 10 (71%) predicting it will increase by more than 50%.

Organizations’ attack surfaces are informed by the size and scope of their data environments. However, 78% of respondents said their data security risk has now increased faster than the growth in the data they manage. Respondents also believe organizations’ cyber resilience and data security strategies are not keeping up with the current threat landscape, with just 21% having full confidence in their company’s cyber resilience strategy and its ability to ‘address today’s escalating cyber challenges and threats’.(1)

Slow Data Recovery & Lack of Cyber Resilience Results Ransom Payments

Cyber resilience is the technology backbone for business continuity. It defines companies’ ability to recover their data and restore business processes when they suffer a cyberattack or adverse IT event. However, according to respondents, every company has cyber resilience and business continuity challenges:

• All respondents said they need over 24 hours to recover data and restore business processes
• Just 7% said their company could recover data and restore business processes within 1-3 days
• 35% said they could recover and restore in 4 to 6 days, while 34% need 1-2 weeks
• Alarmingly, almost 1 in 4 (23%) need over 3 weeks to recover data and restore business processes

Further demonstrating cyber resilience gaps, just 12% said their company had stress-tested their data security, data management, and data recovery processes or solutions in the six months prior to being surveyed, and 46% had not tested their processes or solutions in over 12 months.

Unsurprisingly, 94% of respondents said their company would pay a ransom to recover data and restore business processes, while 5% said ‘maybe, depending on the ransom amount.’ More than 2 in 3 (67%) said their company would be willing to pay over $3 million to recover data and restore business processes, with 35% of respondents saying their company would be willing to pay over $5 million. The research also showed the importance of being able to respond and recover, as 9 in 10 said their organization had paid a ransom in the prior two years, despite 84% saying their company had a ‘do not pay’ policy.

“Organizations can’t control the increasing volume, frequency, or sophistication of cyberattacks such as ransomware. What they can control is their cyber resilience, which is the ability to rapidly respond and recover from cyberattacks or IT failures by adopting modern data security capabilities,” said Brian Spanswick, chief information security officer and head of IT, Cohesity. “It is no surprise that the majority of companies have been hit by cyberattacks like ransomware. What is alarming is that 90% have paid a ransom, breaking their ‘do not pay’ policies, and most are willing to pay over $3 million in ransoms because they can’t recover their data and restore business processes or do so fast enough.”

Executive Management Should Be Accountable & Aligned

Respondents identified executive awareness and responsibility for data security as two areas for companies to improve, with just 35% saying their senior and executive management fully understands the ‘serious risks and daily challenges of protecting, securing, managing, backing up, and recovering data.’ Four in five said executive management (C-Level) and boards should share the responsibility for their company’s data security strategy, while 67% said their company’s CIO and CISO, in particular, could be better aligned.

Prioritizing their biggest concerns about a successful data breach or cyberattack, respondents selected brand and reputational damage (34%), a drop in share price / investment / profitability (31%), a direct hit to revenue (30%), and a loss of stakeholder trust (30%). When asked who is most impacted by a data breach or cyberattack, respondents said existing customers (29%), the Security team (29%), the IT team (28%), employees (28%), and their third-party partners (27%) were most impacted.

“Cyber resilience and data security should be a holistic organizational priority because the use of data and technology occurs in every function by every employee. The severe impact of a successful cyberattack or data breach on business continuity, revenue, brand reputation, and trust is enough to keep all business, IT, and Security leaders awake at night,” said Sanjay Poonen, CEO and president of Cohesity. “To rapidly respond to cyberattacks, organizations need modern AI-powered data security and management solutions that protect their data, detect when it is under attack, and recover it as fast as possible to restore their business processes.”

Regulation Isn’t Driving Companies’ Cyber Resilience & Data Security Best Practices

Despite governments and public institutions going to great lengths to encourage stronger cybersecurity and data management, only 46% of respondents said government initiatives, legislation, and regulations are actually driving their companies’ data security, data management, or data recovery initiatives. Of these respondents that said specific government initiatives, legislation, and regulations are driving their data security, management, and recovery approaches, 2 in 3 named these as the most influential:

United States:

1. California Consumer Privacy Act
   Federal Trade Commission Act of 1914
2. Department of Defense’s Cyber Security Maturity Model Certification (CMMC)
   Digital Millennium Copyright Act of 1998 (DMCA)
   Sarbanes-Oxley Act of 2002
3. California Privacy Rights Act of 2020 (CPRA)

Australia:

1. Privacy Act 1988
2. Digital Transformation Agency Guidelines
3. Office of the Australian Information Commissioner’s Notifiable Data Breach (NDB) Scheme

United Kingdom:

1. National Data Strategy (NDS)
2. Consumer Data Right (CDR)
3. Data Protection Act 2018
   UK Cloud Security Principles

“It may seem surprising that 54% say government efforts and policies aren’t driving their companies’ data security, management, and recovery initiatives. However, organizations should not be centering their entire data security, risk, management, or recovery strategy around a set standard or compliance framework,” said Spanswick. “Organizations should certainly adhere to legislation, regulation, and standards, but these should be seen as the floor and not the ceiling. The security risks to a company’s data and operations should be what drives their data management, security, and recovery practices.”

About the survey:
The findings are based on a survey of 902 IT and Security decision-makers (split as close to 50:50 as possible) commissioned by Cohesity and conducted by Censuswide. Survey respondents were polled from businesses in Australia, the United Kingdom, and the United States. The top five industries selected by respondents as best representing the industry their company operates in were: IT & Telecommunications, Finance, Healthcare, Finance, HR, and Manufacturing & Utilities.

Learn how to reduce the threat of cyberattacks with Cohesity’s intelligent data security and management solutions.

Related News:

Cohesity DataProtect Integration with Microsoft 365 Brings Enhanced Security

Cyber Resilience and Data Recovery are Lacking According to Cohesity Research

¹Respondents were provided with the NIST definition of cyber resiliency at the start of the survey: “The ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources. Cyber resiliency is intended to enable mission or business objectives that depend on cyber resources to be achieved in a contested cyber environment.”

The post Cyberattacks Compel Companies to Pay Ransoms, Breaking their ‘Do Not Pay’ Policies appeared first on Digital IT News.

The post Cohesity DataProtect Integration with Microsoft 365 Brings Enhanced Security appeared first on Digital IT News.

The post Cyber Resilience and Data Recovery are Lacking According to Cohesity Research appeared first on Digital IT News.