Half of organizations have suffered a cyberattack or incident that prevented access to data in 2023

Over half (54%) of organizations suffered a cyberattack or incident that prevented access to data last year, according to the 2023 Dell Technologies Global Data Protection Index survey of 1,000 IT decision makers (ITDMs) and 500 IT security decision makers.

Respondents report that IT disruption is commonplace, with the vast majority (90%) saying their organizations experienced some form of IT disruption in 2023. External security breaches were the most cited (40%) cause of data loss and/or systems downtime within organizations. Over half (55%) of those who experienced a cyberattack event said attackers’ first point of entry was external – users clicking on spam or phishing emails and malicious links, compromised user credentials and hacked mobile devices.

Looking to the implications, respondents said that disruptions that include data loss cost on average USD $2.61 million in 2023, accounted for an average of 26 hours of unplanned downtime and resulted in an average of 2.45TB worth of data loss. Costs associated with cyberattacks and related incidents have also doubled, up from USD $0.66 million in 2022 to USD $1.41 million in 2023.

Generative AI and cybersecurity

Generative AI (GenAI) is emerging as a strategic tool for bolstering defences, with 52% of those surveyed saying that integrating GenAI will provide an advantage to their organization’s cybersecurity posture. However, showing the dual nature of GenAI as both a defensive asset and source of complexity, 88% also agreed that the adoption of GenAI will generate large volumes of new data. The same percentage (88%) agreed that GenAI will amplify the value of specific data types.

Mohamed Talaat, Vice President for Saudi Arabia, Egypt, Libya, Levant and Turkey at Dell Technologies said, “As businesses in the region advance their digital transformation through technologies like multi-cloud and GenAI, cybersecurity needs to be a top priority. Organizations and IT decision makers in Saudi Arabia should actively fortify their operations by implementing robust cybersecurity measures. This proactive approach not only guards against potential threats but also ensures that businesses have secure and future proof infrastructure that protects their most valuable asset – data.”

Looking to ransomware attacks, responses suggest an over-confidence surrounding the consequences of a breach. 74% believe that if their organizations experience an attack, they would get all of their data back if they paid the ransom and 66% believe that once they pay the ransom, they won’t be attacked again. The majority (93%) stated that their organizations have ransomware insurance policies but only 28% of those who experienced an attack said their organizations were fully reimbursed through the policy. Survey responses also suggest ransomware policies are heavily caveated. 57% said their organization had to prove ‘best practice’ cyber threat prevention, 43% said their policy limited claim pay-outs and 40% said particular scenarios voided their policy.