New Commvault Research Identifies Critical Lapses in Cyber Recovery Efforts Across ANZ Organisations


Data immutability, cleanrooms, AI, and robust planning are critical to speeding up recovery and business continuity.

Commvault State of Data Readiness Report in ANZ 2024 key findings:

  • 75% of business leaders want to resume business within 5 days post-cyberattack, yet actual recovery spans from 5 to 8 weeks
  • Significant disconnect between the business’ recovery time expectations and IT reality
  • High prevalence of cyberattacks with 62% of Australian and 68% of New Zealand companies experiencing at least one attack in the last year
  • Focus on cyber resilience is increasing, yet only 4% of organisations believe they have mature, proactive capabilities

Today Commvault, a leading provider of data protection and cyber resilience solutions for hybrid cloud organisations, released its ‘ANZ State of Data Readiness report 2024’, revealing that businesses in Australia and New Zealand (ANZ) face considerable challenges in quickly resuming operations post-cyberattack due to gaps in cyber resilience.

The report, commissioned by Commvault and conducted in partnership with Tech Research Asia (TRA), surveyed IT leaders and decision-makers from over 400 organisations across the ANZ region. It highlights the stark contrast between leaders’ expectations for quick business resumption and the prolonged recovery periods reported by IT professionals.

Leaders in the survey cited speed of business resumption as a top care about following an attack, with 75% wanting to be back in business after a cyber incident in five days or less. The IT professionals engaged in the research reported that on an average, it takes their organisation between five and eight weeks to recover from a breach.

The frequency of cyberattacks remains high, with many organisations still vulnerable to significant breaches, especially targeting backup and production data. Sixty-two percent of Australian and 68% of New Zealand organisations stated they had experienced at least one cyberattack in the last 12 months.

Martin Creighan, Vice President for Asia Pacific at Commvault, stated, “The findings emphasise the critical gap between the expectation of rapid recovery and the harsh reality of extended downtimes. Organisations must prioritise strengthening their cyber resilience to safeguard against the increasing frequency and sophistication of cyber threats.”

The maturity of cyber resilience strategies in the region remains low, with a call for more robust incident response plans and investments in technologies like AI and data immutability. The data reveals 50% of ANZ organisations have a ‘very immature’ cyber resiliency capability level, and only 4% believe they have a proactive, mature capability.

The report suggests that ANZ companies must invest in rigorous testing of their incident response plans and adopt advanced recovery solutions to reduce recovery times and enhance overall cyber resilience. While 69% of companies stated they have an incident response plan in place and 62% test that plan every six months, 23% suggested they have a poor response plan and 56% believe they ‘could do better’.

Testing incident response and cyber readiness plans is an essential practice, yet organisations often face significant barriers. Many find the process both expensive and disruptive to daily operations. This complexity is exacerbated by the need to coordinate with multiple vendors, which can obscure recovery capabilities and create gaps that not only extend recovery times but also inflate costs.

According to the study, the primary challenges hindering effective testing of these plans are the high costs, insufficient planning, the intricate nature of the tests themselves, and a notable shortage of skilled cybersecurity professionals. However, employing modern strategies like conducting tests in cleanrooms can help mitigate these issues.

“The latest cleanrooms are not only designed to orchestrate, on demand, recovery to a clean, isolated location in the cloud, but they can also be used to routinely and cost effectively test cyber recovery strategies in advance of an attack,” noted Creighan. “The adoption of cleanrooms and immutable data storage are just some of the ways companies can bolster their defences against a breach.”

To understand more about Commvault’s innovations that can help organisations enhance their cyber resilience and recovery readiness, check here. For a deeper understanding of the cybersecurity landscape and to explore more strategies for enhancing cyber defences, the full report is available here – ANZ State of Data Readiness Report 2024.

Research Methodology:

The survey, conducted by TRA in partnership with Commvault, involved comprehensive responses from senior IT personnel across diverse sectors in Australia and New Zealand. The study aims to gauge the current state of data readiness and cyber resilience across the region.

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.

About Tech Research Asia

TRA is a fast-growing IT analyst, research, and consulting firm with an experienced and diverse team in: Sydney | Melbourne | Singapore | Kuala Lumpur | Hong Kong | Tokyo. We advise executive technology buyers and suppliers across Asia Pacific. We are rigorous, fact-based, open, and transparent. And we offer research, consulting, engagement, and advisory services. We also conduct our own independent research on the issues, trends, and strategies that are important to executives and other leaders that want to leverage the power of modern technology.

/Public Release.