“In 2023 cyberattacks are, for the first time, the leading cause of IT downtime.”
That’s according to the Databarracks Data Health Check survey of 500 U.K. IT decision-makers.
I don’t know about you, but when I read that, a lot of thoughts crossed my mind. I won’t share all of them, but I will focus on two in particular. The first of those thoughts was that I was surprised it took so long for that to happen. But, then again, I thought about how this really isn’t a “different” cause that’s topping the list for downtime catalyst. It always was, and, most likely, always will be human error.
We can blame it on power loss, cyberattacks, natural disasters, or whatever. But, the truth is, it’s us.
When it comes to cybersecurity, too many of us are willing to take the risk. In fact, I’d go so far to say as we are all willing to take risks when it comes down to it. But, some of us are making personal choices and others are making choices on behalf of others who we convince to trust us with their data.
Databarracks has been conducting the Data Health Check survey since 2008.
“Cyber has gone from one of the lowest causes of data loss and downtime to top in both categories,” said James Watts, managing director of Databarracks. “The other causes have not reduced. IT teams are now operating in a much more difficult period with significantly more risk and threats to the continuity of their organizations.”
This is interesting to me for a number of reasons. While I know that this survey includes responses from only a fraction of the population pool the respondents represent, I find it alarming that there has been no decrease in any area for a single cause of downtime, and, at the same time, a low-ranking cause has creeped up to the top of the list.
Last month was Cybersecurity Awareness Month, so, in the spirit of Halloween, I shared some scary security stats. You can access the full report roundup on our website, but here are some of the most alarming.
- Almost half (45%) of IT teams do not fully know the configuration of their networks, and 21% shared that individuals outside of ITOps are making configuration changes.
- A combined 48% of respondents did not think leadership would care about a cyberattack (25%) nor would respond (23%).
- Three-quarters (75%) of people globally don't adhere to widely accepted password best practices, with a majority (64%) either using weak passwords or repeat variations of passwords to protect their online accounts.
- Nearly three-quarters (71%) of firms have exposures that enable attackers to pivot from their on-prem to cloud environment. Once there, 92% of critical assets lie just one hop away.
I read a lot about the strides the industry is making. But, then I come across reports, like the Data Health Check, and I can’t help but wonder … are we making strides?
I think it’s time the industry stops bragging about what it’s doing great and takes a look in the mirror instead. We have a lot of room for improvement, and we should occupy that space with our growth.