90% of IT and security leaders said their organization experienced a cyberattack within the last year, according to a report by Rubrik.
“Many organizations that move to the cloud assume their providers will handle security,” said Joe Hladik, Head of Rubrik Zero Labs. “The persistence of ransomware attacks, coupled with the exploitation of hybrid cloud vulnerabilities, shows that threat actors are always one step ahead. Companies must take action and adopt an attacker’s mindset by identifying – and protecting – the most valuable data before it’s too late. The need for a data-centric security strategy that prioritizes visibility, control, and quick recovery has never been more urgent.”
Nearly one fifth of organizations globally experienced more than 25 cyberattacks in 2024 alone, according to IT and security leaders, an average of at least one breach every other week.
The most common attack vectors cited were data breaches (30%), malware on devices (29%), cloud or SaaS breaches (28%), phishing (28%), and insider threats (28%). Consequences of these attacks include:
- 40% of respondents reported increased security costs.
- 37% noted reputational damage and loss of customer confidence.
- 33% experienced a forced leadership change following a cyber incident.
Organizations are still hesitant about cloud adoption
While cloud adoption has become a cornerstone of modern business practices, some organizations remain hesitant to fully embrace the shift. Challenges, such as understanding application dependencies, comparing on-premises and cloud costs, and assessing technical feasibility, often serve as significant barriers.
90% of IT and security leaders report managing hybrid cloud environments, and half of IT leaders say the majority of their workloads are now cloud-based.
Many businesses also harbor misconceptions about the inherent security of cloud services, assuming that cloud providers will take full responsibility for safeguarding their data. This reliance can lead to a false sense of security, leaving organizations vulnerable to risks, such as data breaches or loss, particularly if something catastrophic occurs.
35% of respondents cite securing data across these varied ecosystems as their top challenge, followed by a lack of centralized management (30%), and a lack of visibility and control over cloud-based data (29%).
36% of sensitive files are classified as high risk and are largely composed of personally identifiable information (PII), such as social security numbers and phone numbers; followed by digital data and business data, such as intellectual property and source code.
Ransom payments remain a common data recovery method
Of the organizations that experienced a successful ransomware attack last year, 86% admitted they paid a ransom to recover their data. 74% said threat actors were able to partially compromise backup and recovery systems, while 35% said their systems were completely compromised.
With 92% of organizations using between two and five cloud and SaaS platforms, attackers are exploiting weak points in identity and access management to move laterally and escalate ransomware attacks.
Insider threats, often driven by compromised credentials, were cited by 28% of IT leaders, underscoring the growing difficulty of maintaining strong access controls across distributed systems.
Researchers revealed that 27% of high-risk sensitive files contain digital data such as API keys, usernames, and account numbers – exactly the kind of information threat actors seek to hijack identities and infiltrate critical systems.
