Report reveals sensitive data loss landscape

Rubrik Zero Labs Research reveals stark realities about defending data today, threats to our data, and a growing need for different data security & cyber resiliency strategies.

  • Saturday, 18th November 2023 Posted 1 year ago in by Phil Alsop

As marquee brands continue to reveal the challenges of successful cyberattacks targeting their business data, a new cyber report from Rubrik finds a stark reality: about one of every two organizations surveyed suffered a loss of sensitive data over the last year. In fact, one of six organizations experienced multiple losses of data in the past 12 months.

In its new research report, “The State of Data Security: The Journey to Secure an Uncertain Future,” Rubrik Zero Labs provides a timely view into the increasingly commonplace problem of cyber risks and the challenge to secure data across an organization’s expanding surface area. New technologies – from artificial intelligence (AI) to cloud – continue to create countless opportunities for modern cybersecurity threats that capitalize on the explosion of data worldwide, according to more than 1,600 security executives who participated.

Data Is Surging — And Shows No Signs of Slowing Down

• A typical organization’s data has grown 42% over the last 18 months, with SaaS data driving the most growth overall (145%) followed by cloud (73%) and on-premises (20%), as observed in the Rubrik Zero Labs Report (2023) .

• On average, a typical organization’s data volume totals 240 backend terabytes (BETB). Three Rubrik-protected organizations reported more than a petabyte of backend data storage.

• Rubrik Zero Labs predicts that the total volume of data a typical organization needs to secure will increase by almost 100 BETB in the next year — and by 7x in the next five years.

Organizations Struggle to Protect Sensitive Data Amid Growth

• Global organizations have 24.8 million sensitive data records, observed on average.

• 61% of organizations surveyed store sensitive data in multiple locations across cloud, on-premises, and SaaS environments, with less than 4% reporting a dedicated, sensitive data storage location.

• Over half (53%) of external organizations surveyed experienced a material loss of sensitive information in the last year, with about one out of every six organizations (16%) experiencing multiple losses in 2022.

• The most widely-reported data types compromised included personally identifiable information (38%), corporate financial data (37%), and authentication credentials (32%).

Data Policies Need To Be Improved To Meet Growing Data Security Needs

• 66% of IT and security leaders surveyed believe their organization’s current data growth is outpacing their ability to secure this data and manage risk.

• Almost all (98%) external organizations surveyed believe they currently have significant data visibility challenges.

• 62% of respondents suspect people inside their organization are accessing data in violation of data policies.

• 54% of external organizations surveyed have an appointed single senior executive responsible for data and its security.

“The explosive growth in data is due to increasing use of big data tied to artificial intelligence, the Internet of Things, and the increasingly common use of personal data generated by devices. Furthermore, it is rapidly changing both sides of the cybersecurity battlefront – including the myriad of ways that attacks are carried out and how our systems execute rapid response, from posture management to data security,” said Steven Stone, Head of Rubrik Zero Labs. “We see that left unattended, today’s data proliferation can cripple businesses. Organizations need to have the right visibility into their data to secure it, with a clear plan for cyber resilience that delivers business continuity.”

“The State of Data Security” comes from Rubrik Zero Labs, the company’s cybersecurity research unit formed to analyze the global threat landscape, report on emerging data security issues, and give organizations research-backed insights and best practices to secure their data against increasing cyber events.