Cyberattack Recovery is Uncertain for Almost Half of Businesses
Businesses aren’t ready to get back to work after a cyberattack
Is your organization ready to handle a cybersecurity incident that hampers your access to systems and data? It’s a likely scenario for businesses of any size. About one-third of companies worldwide have experienced a ransomware attack or breach that blocked access to their systems or data. Unfortunately, far too many organizations aren’t ready for trouble. For the Datto SMB Cybersecurity Survey for MSPs Report, we asked more than 2900 IT decision-makers at small and mid-sized businesses (SMBs) worldwide to tell us about their readiness to handle a cyberattack recovery. What we found is that a surprisingly large number of businesses aren’t ready for trouble.
Excerpted from the Datto SMB Cybersecurity Survey for MSPs Report DOWNLOAD IT NOW>>
Businesses get the message that a cyberattack recovery plan is a business essential
When it comes to having a cybersecurity disaster recovery plan in place, over half of respondents said that they have a standard recovery plan ready to go. However, some businesses still need serious help making a cyberattack recovery plan, creating opportunities for MSPs to help them be ready for trouble. That’s also a ripe opportunity for MSPs to guide clients into investing in the resources they’ll need to enact that plan, like BCDR or remote identity and access management tools.
Eight in 10 survey respondents (81%) said that their company has a recovery plan in place.
| Recovery Plan Status | Respondents |
| We have a best-in-class recovery plan in place | 29% |
| We have a standard recovery plan in place | 52% |
| We have solutions to protect us, but do not have a formal recovery plan in place | 14% |
| We do not have any recovery plan in place | 2% |
| I believe my service provider has a recovery plan in place, but I do not know the details | 3% |
Source: Datto
See how security awareness training stops the biggest security threats! GET INFOGRAPHIC>>
About half of SMBs face a painful cyberattack recovery
Many businesses would seriously suffer if they had to enact a recovery plan, and one disaster just might be enough to put a substantial amount of companies out of business. Just under one-fifth of respondents told us that their organization would be doomed in the event of a successful cyberattack or another damaging cybersecurity incident, and 47% said they believe recovery would be difficult.
Just under half of the survey respondents (47%) said that their companies are likely to recover from a cyberattack or cybersecurity incident, but it would be painful.
| Outcome | Response |
| Recovery would be easy | 37% |
| Recovery would be difficult | 47% |
| We would not recover | 16% |
Source: Datto
What worries security pros? The Kaseya Security Insights Report 2022 tells you. GET YOUR REPORT>>
Successful disaster recovery is easier said than done
SMBs need help with disaster recovery. Often, businesses have no choice but to clear the slate and start from scratch, adding expense and complexity to an already financially damaging situation. One-fifth of respondents were forced to reinstall and reconfigure all systems from scratch to get back to work. MSPs can provide SMBs with the help that they need to improve their backup and recovery processes.
| Action taken to return to baseline | Response |
| Performed disaster recovery (DR) and restored everything from full backups | 30% |
| Restored a portion of the systems, and reinstalled and reconfigured the rest | 29% |
| Reinstalled and reconfigured all our systems from scratch | 21% |
| Paid the ransom to have our data decrypted | 2% |
| Did not pay the ransom and lost our data completely | 2% |
| Paid the ransom but still could not decrypt our data, losing it completely | 1% |
| Could not recover and have closed/are closing our business | 1% |
| Something else | 1% |
| No action was needed | 10% |
Source: Datto
Downtime costs $126k on average
Downtime is an expensive problem that nearly half of our respondents contended with in the past year. The business impact and punishing expense of downtime present MSPs with a pathway to recommend solutions, like BCDR, that will reduce downtime in the case of a cyberattack recovery. The cost of downtime also highlights the importance of taking action to prevent an incident through security awareness training and other preventative measures.
$126,000 is the average cost of the downtime, including lost revenue
| Cost of Downtime | Response |
| $1,000 to less than $250,000 | 84% |
| $250,000 to less than $500,000 | 8% |
| $500,000 to less than $750,000 | 4% |
| $750,000 to less than $1 million | 3% |
| $1 million or more | 1% |
Source: Datto
Get 10 tips to help you build a strong security culture & reduce your risk of cybersecurity trouble! GET INFOGRAPHIC>>
Manual backup is still the top data disaster & cyberattack recovery method
Just under half of the survey respondents (49%) said that their organizations relied on manual backup to recover data in their last cybersecurity incident. That means that half of the businesses we surveyed need to update to cloud backup and learn the benefits of BCDR — a big opportunity score for MSPs.
Top solutions or methods used to recover data
| Recovery Method | Response |
| Manual backup | 49% |
| Copy from old systems | 36% |
| Continuous availability | 36% |
| Third-party BCDR | 32% |
| Something else | 11% |
| We didn’t do anything and did not recover our data | 2% |
| We didn’t lose any data | 13% |
Source: Datto
Can you spot a phishing message? This infographic points out red flags to watch for to sniff them out! DOWNLOAD IT>>
Almost half of businesses expect up to two expensive days of downtime
These days it’s not if you have an incident, it’s when. It pays for businesses to be ready for a cyberattack recovery. A cybersecurity incident or cyberattack is expensive enough without adding on additional downtime and lost revenue. Unfortunately, most of our survey respondents would have up to two days of costly downtime, making solutions and strategies that reduce recovery time appealing to businesses.
Around 45% of businesses endured more than two days of downtime.
| Recovery Time | Response |
| None – we didn’t have any downtime | 12% |
| Less than 1 day | 23% |
| 1 day | 20% |
| 2–3 days | 31% |
| 4–6 days | 10% |
| A week or more | 3% |
| Don’t know | 1% |
| Prefer not to answer | 1% |
Source: Datto
Considering a new dark web monitoring solution? This eBook helps you find the right one for your organization. GET EBOOK>>
SMB IT pros know that cybersecurity has to be an investment priority
SMB tech decision-makers recognize that their organizations face mounting cybersecurity challenges. Many SMBs are subsequently increasing their security investments. There’s room for MSPs to realize revenue growth in many areas including secure identity and access management, endpoint security, business continuity and disaster recovery (BCDR), cyberattack recovery and phishing protection. Today’s world of growing cyber threats for SMBs is a world of increasing security business opportunities for MSPs everywhere.
Top IT security areas SMBs plan to invest in the next 12 months
| Area of Investment | Response |
| Network security | 47% |
| Cloud security | 45% |
| Cyber insurance | 36% |
| Email/ collaboration tools security | 29% |
| Endpoint security | 27% |
| Vulnerability assessment | 26% |
| Business continuity & disaster recovery (BCDR) | 25% |
| Don’t know | 5% |
Source: Datto
Mitigate the risk of cybersecurity trouble with our solutions
Our complete array of innovative security solutions can help keep businesses safe from cybersecurity disasters effectively and affordably.
Security awareness and compliance training plus phishing simulation
BullPhish ID is the ideal security and compliance awareness training solution for companies of any size. This powerhouse is the channel leader in phishing simulations.
- An extensive library of security and compliance training videos in eight languages
- Plug-and-play or customizable phishing training campaign kits
- New videos arrive 4x per month and new phishing kits are added regularly
Dark web monitoring
Dark Web ID offers best-in-class dark web intelligence, reducing credential compromise risk.
- 24/7/365 monitoring using real-time, machine and analyst-validated data
- Fast alerts of compromises of business and personal credentials, including domains, IP addresses and email addresses
- Live dark web searches find compromised credentials in seconds
- Create clear and visually engaging risk reports
Automated, AI-powered antiphishing email security
Graphus AI-enabled, automated email security that catches 99.9% of sophisticated phishing threats and offers amazing benefits.
- Forget old-fashioned safe sender lists. Graphus analyzes the content of messages using more than 50 points of comparison to suss out fakes fast
- Cloud-native security harnesses machine learning to inform AI using a patented algorithm.
- 3 layers of powerful protection at half the cost of competing solutions
- Don’t waste time on fussy configurations or adding threat reports. AI does that for you, getting everything up and running with just a few clicks and minimal maintenance
Managed SOC
Get the top Managed SOC that leverages our Threat Monitoring Platform to give you access to an elite team of security veterans hunt, triage and work with your team when actionable threats are discovered
- Detect malicious and suspicious activity across three critical attack vectors: Endpoint, Network & Cloud
- Patent-pending cloud-based technology eliminates the need for on-prem hardware
- Discover adversaries that evade traditional cyber defenses such as Firewalls and AV
Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>