TRENDING
Survey highlights
• Financial systems : 70 % are covered by data protection strategies
• E-commerce and HR management systems : 50 % are covered
• CRM and ERP systems : 48 % and 42 % respectively
• Critical transaction-based systems , custom applications and collaboration and productivity tools : Are lagging behind with only between a third and a quarter of systems covered
Good data protection is essentially ‘ data classification plus good recovery capabilities ’. but with the move to cloud , it ’ s like we ’ re starting from scratch again .”
The current state of data protection is also seen as a significant barrier to expanding the use of Generative AI technologies .
Strategic gaps :
• Critical SaaS data applications : 50 % of respondents have included cloud-stored data for critical SaaS applications in their Disaster Recovery plans , and 40 % plan to do so
• AI data protection : Nearly all organisations prioritise AI data protection , with 52 % already implementing tools for chatbots and AI platforms and 43 % considering them
“ Good data protection is essentially ‘ data classification plus good recovery capabilities ’: If you understand your data , and can recover uncorrupted versions of it fast , you have a solid foundation to ensure business continuity , compliance and recovery . But this is easier said than done : The complexity of implementing new initiatives , such as governance over data used by large language models ( LLMs ), and the need to balance conflicting IT demands , pose additional challenges for any industry ,” added Larsen .
Compliance and future-proofing
Compliance is a top concern for 73 % of survey respondents heading into 2024 , with data governance ( 53 %) and enterprise backup and recovery ( 45 %) also ranking high . Regulatory scrutiny is increasing globally , with mandates from agencies like the SEC in the US and the upcoming Digital Operational Resiliency Act ( DORA ) in the EU .
“ Anything related to finance is important , most people will agree . And it ’ s an obvious place to start when you map your critical systems and data . The survey shows that financial systems are by far the most incorporated in data protection strategies , and when you look at verticals , financial institutions are also a little more mature than others ,” said Kim Larsen , CISO at Keepit .
Strategic gaps and vulnerabilities
The survey reveals that only half of the organisations have incorporated cloud-stored SaaS data into their Disaster Recovery plans . Another 40 % plan to address this gap soon . A decision-maker participating in a recent Keepit CISO roundtable remarked : “ We solved many of these challenges 10 to 15 years ago ,
Compliance challenges :
• Regulatory mandates : New cybersecurity resilience requirements
• Cybersecurity risks : Continued threats , notably ransomware
“ Cyberstrategy must be perfectly aligned with the business to effectively support it . The more global an organisation becomes , the more difficult this is – to align access and comply with regulations . This is backed up in our study , where CISOs emphasised the need for a unified risk management strategy that aligns with regional regulatory requirements ,” said Larsen .
Organisational maturity and risk management
Keepit ’ s interviews with over 30 CISOs and CIOs reveal the importance of organisational maturity in handling
22 INTELLIGENTCIO EUROPE www . intelligentcio . com