Please fill in the form below to subscribe to our blog

Cyberattack Recovery is Uncertain for Almost Half of Businesses

February 02, 2023
a caucasian man in business attire puts his hands on his head in shock in front of a server rack

Businesses aren’t ready to get back to work after a cyberattack

Is your organization ready to handle a cybersecurity incident that hampers your access to systems and data? It’s a likely scenario for businesses of any size. About one-third of companies worldwide have experienced a ransomware attack or breach that blocked access to their systems or data. Unfortunately, far too many organizations aren’t ready for trouble. For the Datto SMB Cybersecurity Survey for MSPs Report, we asked more than 2900 IT decision-makers at small and mid-sized businesses (SMBs) worldwide to tell us about their readiness to handle a cyberattack recovery. What we found is that a surprisingly large number of businesses aren’t ready for trouble.  

Excerpted from the Datto SMB Cybersecurity Survey for MSPs Report DOWNLOAD IT NOW>> 

Businesses get the message that a cyberattack recovery plan is a business essential   

When it comes to having a cybersecurity disaster recovery plan in place, over half of respondents said that they have a standard recovery plan ready to go. However, some businesses still need serious help making a cyberattack recovery plan, creating opportunities for MSPs to help them be ready for trouble. That’s also a ripe opportunity for MSPs to guide clients into investing in the resources they’ll need to enact that plan, like BCDR or remote identity and access management tools.  

Eight in 10 survey respondents (81%) said that their company has a recovery plan in place. 

Recovery Plan Status Respondents 
We have a best-in-class recovery plan in place 29% 
We have a standard recovery plan in place 52% 
We have solutions to protect us, but do not have a formal recovery plan in place 14% 
We do not have any recovery plan in place 2% 
I believe my service provider has a recovery plan in place, but I do not know the details 3% 

Source: Datto 

See how security awareness training stops the biggest security threats! GET INFOGRAPHIC>>

About half of SMBs face a painful cyberattack recovery  

Many businesses would seriously suffer if they had to enact a recovery plan, and one disaster just might be enough to put a substantial amount of companies out of business. Just under one-fifth of respondents told us that their organization would be doomed in the event of a successful cyberattack or another damaging cybersecurity incident, and 47% said they believe recovery would be difficult. 

Just under half of the survey respondents (47%) said that their companies are likely to recover from a cyberattack or cybersecurity incident, but it would be painful. 

Outcome Response 
Recovery would be easy 37% 
Recovery would be difficult 47% 
We would not recover 16%  

 Source: Datto 

What worries security pros? The Kaseya Security Insights Report 2022 tells you. GET YOUR REPORT>>

Successful disaster recovery is easier said than done 

SMBs need help with disaster recovery. Often, businesses have no choice but to clear the slate and start from scratch, adding expense and complexity to an already financially damaging situation. One-fifth of respondents were forced to reinstall and reconfigure all systems from scratch to get back to work. MSPs can provide SMBs with the help that they need to improve their backup and recovery processes.   

Action taken to return to baseline Response 
Performed disaster recovery (DR) and restored everything from full backups   30% 
Restored a portion of the systems, and reinstalled and reconfigured the rest   29% 
Reinstalled and reconfigured all our systems from scratch   21% 
Paid the ransom to have our data decrypted   2% 
Did not pay the ransom and lost our data completely   2% 
Paid the ransom but still could not decrypt our data, losing it completely   1% 
Could not recover and have closed/are closing our business   1% 
Something else 1% 
No action was needed   10% 

 Source: Datto 

See how Managed SOC gives businesses an essential edge against cyberattacks. DOWNLOAD INFO SHEET>>

Downtime costs $126k on average  

Downtime is an expensive problem that nearly half of our respondents contended with in the past year. The business impact and punishing expense of downtime present MSPs with a pathway to recommend solutions, like BCDR, that will reduce downtime in the case of a cyberattack recovery. The cost of downtime also highlights the importance of taking action to prevent an incident through security awareness training and other preventative measures. 

$126,000 is the average cost of the downtime, including lost revenue 

Cost of Downtime Response 
$1,000 to less than $250,000   84% 
$250,000 to less than $500,000   8% 
$500,000 to less than $750,000   4% 
$750,000 to less than $1 million   3% 
$1 million or more   1%  

 Source: Datto 

Get 10 tips to help you build a strong security culture & reduce your risk of cybersecurity trouble! GET INFOGRAPHIC>>

Manual backup is still the top data disaster & cyberattack recovery method 

Just under half of the survey respondents (49%) said that their organizations relied on manual backup to recover data in their last cybersecurity incident. That means that half of the businesses we surveyed need to update to cloud backup and learn the benefits of BCDR — a big opportunity score for MSPs.  

Top solutions or methods used to recover data 

Recovery Method Response 
Manual backup 49% 
Copy from old systems 36% 
Continuous availability 36% 
Third-party BCDR 32% 
Something else 11% 
We didn’t do anything and did not recover our data 2% 
We didn’t lose any data 13%  

 Source: Datto 

Can you spot a phishing message? This infographic points out red flags to watch for to sniff them out! DOWNLOAD IT>>

Almost half of businesses expect up to two expensive days of downtime

These days it’s not if you have an incident, it’s when. It pays for businesses to be ready for a cyberattack recovery. A cybersecurity incident or cyberattack is expensive enough without adding on additional downtime and lost revenue. Unfortunately, most of our survey respondents would have up to two days of costly downtime, making solutions and strategies that reduce recovery time appealing to businesses.  

Around 45% of businesses endured more than two days of downtime. 

Recovery Time Response 
None – we didn’t have any downtime 12% 
Less than 1 day   23% 
1 day 20% 
2–3 days 31% 
4–6 days   10% 
A week or more 3% 
Don’t know 1% 
Prefer not to answer 1% 

 Source: Datto 

Considering a new dark web monitoring solution? This eBook helps you find the right one for your organization. GET EBOOK>>

SMB IT pros know that cybersecurity has to be an investment priority 

SMB tech decision-makers recognize that their organizations face mounting cybersecurity challenges. Many SMBs are subsequently increasing their security investments. There’s room for MSPs to realize revenue growth in many areas including secure identity and access management, endpoint security, business continuity and disaster recovery (BCDR), cyberattack recovery and phishing protection. Today’s world of growing cyber threats for SMBs is a world of increasing security business opportunities for MSPs everywhere.  

Top IT security areas SMBs plan to invest in the next 12 months  

Area of Investment  Response  
Network security  47%  
Cloud security  45%  
Cyber insurance  36%  
Email/ collaboration tools security  29%  
Endpoint security  27%  
Vulnerability assessment  26%  
Business continuity & disaster recovery (BCDR)  25%  
Don’t know  5% 

Source: Datto 

Mitigate the risk of cybersecurity trouble with our solutions

Our complete array of innovative security solutions can help keep businesses safe from cybersecurity disasters effectively and affordably. 

Security awareness and compliance training plus phishing simulation         

BullPhish ID is the ideal security and compliance awareness training solution for companies of any size.  This powerhouse is the channel leader in phishing simulations.   

  • An extensive library of security and compliance training videos in eight languages       
  • Plug-and-play or customizable phishing training campaign kits       
  • New videos arrive 4x per month and new phishing kits are added regularly          

Dark web monitoring           

Dark Web ID offers best-in-class dark web intelligence, reducing credential compromise risk.          

  • 24/7/365 monitoring using real-time, machine and analyst-validated data            
  • Fast alerts of compromises of business and personal credentials, including domains, IP addresses and email addresses          
  • Live dark web searches find compromised credentials in seconds       
  • Create clear and visually engaging risk reports          

Automated, AI-powered antiphishing email security      

Graphus AI-enabled, automated email security that catches 99.9% of sophisticated phishing threats and offers amazing benefits.       

  • Forget old-fashioned safe sender lists. Graphus analyzes the content of messages using more than 50 points of comparison to suss out fakes fast         
  • Cloud-native security harnesses machine learning to inform AI using a patented algorithm.        
  • 3 layers of powerful protection at half the cost of competing solutions        
  • Don’t waste time on fussy configurations or adding threat reports. AI does that for you, getting everything up and running with just a few clicks and minimal maintenance    

Managed SOC  

Get the top Managed SOC that leverages our Threat Monitoring Platform to give you access to an elite team of security veterans hunt, triage and work with your team when actionable threats are discovered  

  • Detect malicious and suspicious activity across three critical attack vectors: Endpoint, Network & Cloud  
  • Patent-pending cloud-based technology eliminates the need for on-prem hardware  
  • Discover adversaries that evade traditional cyber defenses such as Firewalls and AV 

dark web threats

Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>

let us help secure you against passwords reuse with contact information and the ID Agent logo on grey.

Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!


Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>

See Graphus in action in an on-demand video demo WATCH NOW>>

Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!