Rubrik Zero Labs Research reveals stark realities about defending data today, threats to our data, and a growing need for different data security & cyber resiliency strategies
- A typical organisation’s total data increased 42% over the last 18 months, as SaaS data grew by 145%
- 66% of IT and security leaders report that data growth outpaces their ability to secure data and mitigate risk
- 98% of organisations report significant data visibility challenges
- Roughly two of three organisations report that it is likely employees are accessing data in violation of corporate data policies
PALO ALTO, Calif., November 14, 2023 – As marquee brands continue to reveal the challenges of successful cyberattacks targeting their business data, a new cyber report from Rubrik, the Zero Trust Data Security™ Company, finds a stark reality: about one of every two organisations surveyed suffered a loss of sensitive data over the last year. In fact, one of six organisations experienced multiple losses of data in the past 12 months.
In its new research report, “The State of Data Security: The Journey to Secure an Uncertain Future,” Rubrik Zero Labs provides a timely view into the increasingly commonplace problem of cyber risks and the challenge to secure data across an organisation’s expanding surface area. New technologies – from artificial intelligence (AI) to cloud – continue to create countless opportunities for modern cybersecurity threats that capitalise on the explosion of data worldwide, according to more than 1,600 security executives who participated.
Data Is Surging — And Shows No Signs of Slowing Down
- A typical organisation’s data has grown 42% over the last 18 months, with SaaS data driving the most growth overall (145%) followed by cloud (73%) and on-premises (20%), as observed in the Rubrik Zero Labs Report (2023) .
- On average, a typical organisation’s data volume totals 240 backend terabytes (BETB). Three Rubrik-protected organisations reported more than a petabyte of backend data storage.
- Rubrik Zero Labs predicts that the total volume of data a typical organisation needs to secure will increase by almost 100 BETB in the next year — and by 7x in the next five years.
Organisations Struggle to Protect Sensitive Data Amid Growth
- Global organisations have 24.8 million sensitive data records, observed on average.
- 61% of organisations surveyed store sensitive data in multiple locations across cloud, on-premises, and SaaS environments, with less than 4% reporting a dedicated, sensitive data storage location.
- Over half (53%) of external organisations surveyed experienced a material loss of sensitive information in the last year, with about one out of every six organisations (16%) experiencing multiple losses in 2022.
- The most widely-reported data types compromised included personally identifiable information (38%), corporate financial data (37%), and authentication credentials (32%).
Data Policies Need To Be Improved To Meet Growing Data Security Needs
- 66% of IT and security leaders surveyed believe their organisation’s current data growth is outpacing their ability to secure this data and manage risk.
- Almost all (98%) external organisations surveyed believe they currently have significant data visibility challenges.
- 62% of respondents suspect people inside their organisation are accessing data in violation of data policies.
- 54% of external organisations surveyed have an appointed single senior executive responsible for data and its security.
“The explosive growth in data is due to increasing use of big data tied to artificial intelligence, the Internet of Things, and the increasingly common use of personal data generated by devices. Furthermore, it is rapidly changing both sides of the cybersecurity battlefront – including the myriad of ways that attacks are carried out and how our systems execute rapid response, from posture management to data security,” said Steven Stone, Head of Rubrik Zero Labs. “We see that left unattended, today’s data proliferation can cripple businesses. Organisations need to have the right visibility into their data to secure it, with a clear plan for cyber resilience that delivers business continuity.”
“The State of Data Security” comes from Rubrik Zero Labs, the company’s cybersecurity research unit formed to analyse the global threat landscape, report on emerging data security issues, and give organisations research-backed insights and best practices to secure their data against increasing cyber events.
In its third global study since launching one year ago, Rubrik Zero Labs commissioned Wakefield Research to gather insights from more than 1,600 IT and security leaders — half of which were CIOs and CISOs — across 10 countries. This report is supplemented by a significant increase in Rubrik telemetry to provide an authentic view of organisations’ environments and threats they face, looking at more than 5,000 clients across 22 industries.
“The State of Data Security: The Journey to Secure an Uncertain Future” by Rubrik Zero Labs was commissioned by Rubrik and conducted by Wakefield Research among more than 1,600 IT and security decision-makers at companies of 500 or more employees. Respondents were made up of approximately half CIOs and CISOs and half VPs and Directors of IT and Security. The research was conducted in the US, UK, France, Germany, Italy, Netherlands, Japan, Australia, Singapore, and India between June 30, 2023 and July 11, 2023.
The survey supplemented Rubrik telemetry, looking at more than 5,000 clients across 22 industries and 67 countries. The data includes over 35 exabytes of logical storage secured and more than 24 billion sensitive data records from January 2022 through July 2023.
Rubrik is on a mission to secure the world’s data. With Zero Trust Data Security™, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.