In the modern digital world, data is everything.

Regardless of what business you run or which industry you operate in, you’ll be dealing with volumes of data. 

Every piece of personal data can be used by cybercriminals to help them steal funds and even identities.

It’s essential to have the best possible security measures in place. 

However, even with these measures in place, you can still have data stolen or find your business suffering from natural disasters and other issues beyond your control.

That’s when you need a disaster recovery plan. 

The following disaster recovery statistics will help you understand the risks and take the necessary steps to defend yourself. 

Key Statistics

• Between 2019 and 2022, 96% of businesses experienced downtime
• 20% of businesses have faced serious outages within the past three years
• The average cost per hour of downtime to a large organization is $300,000
• 48% of businesses have found malware in their systems
• 24% of businesses had downtime due to out-of-date hardware
• 95% of disasters are human or hardware/software failures
• 37% of businesses experienced a ransomware attack
• 83% of companies have suffered multiple data breaches
• 20% of data breaches rely on employees!
• Nearly half of breaches are cloud based
• Roughly half of businesses can recover within 12 hours
• 58% of data backups fail
• Only 54% of businesses have a disaster recovery plan
• Over 90% of small businesses don’t have cyber insurance
• 97% of ransomware attacks attempt to infect backups
• A data centre hard drive lasts just three years
• The healthcare industry has the highest average data breach cost

Top Disaster Recovery Statistics in 2024

1. Between 2019 And 2022, 96% Of Businesses Experienced Downtime

The biggest issue for most businesses isn’t generally the disaster.

In many cases, this has no effect on the business’s ability to produce products or make sales.  

Instead, the biggest problem is that the disaster knocks the business offline.

This doesn’t just mean on the internet, it can also mean physically as people can purchase through the physical premises. 

Downtime, no matter how short, will cost a company money in terms of lost sales.

It can also damage its reputation, and even cause financial issues. 

Unfortunately, according to the 2023 LogicMonitor survey, 96% of businesses have experienced downtime at least once in the past year.

For many businesses, it’s happened multiple times. 

The result can be significant costs to the business. It’s little wonder that it’s most businesses’ biggest fear. 

(LogicMonitor)

2. 20% Of Businesses Have Faced Serious Outages Within The Past Three Years

Downtime is bad, but when it happens repeatedly it’s a serious issue.

Businesses which have frequent occurrences of downtime are likely to lose customers, sales, and they’ll need to ask themselves some serious questions regarding why the outages keep occurring. 

Any outage which causes a disruption to production or supply is an issue, no matter how long or short it is. 

What’s surprising is that a recent survey found that 20% of businesses have experienced a serious outage issue within the last twelve months. 

Businesses which experience frequent or serious outages need to locate the source of the issue and resolve it as soon as possible.

If they don’t, the disruption to the business and damage to its reputation could prove fatal. 

(Business Wire)

3. The Average Cost Per Hour Of Downtime To A Large Organization Is $300,000

The cost of downtime varies from business to business. In many cases, it will be dependent on what’s affected.

For example, downtime in a factory could disrupt production and change the supply schedule.

This can lead to clients going elsewhere for a product. That’s a sale lost and potentially any future sales. 

When you factor all the costs into consideration, both the immediate and long-term costs, it can cost a large business as much as $300,000 for just one hour of downtime. 

That’s a significant encouragement to get the downtime issue resolved and the business operational again. 

It’s worth noting that a survey by LogicMonitor found any business suffering frequent downtimes was likely to have their costs increased.

In fact, they could end up being as much as 16 times higher than other comparable businesses. 

Of course, you can’t prevent every downtime. But, you can reduce the likelihood of one happening. 

(ITIC 2021 Survey)

4. 48% Of Businesses Have Found Malware In Their Systems

Malware can be a serious issue for any organization.

On the one hand, it can remove data from the system, causing serious issues for anyone relying on the data.

Malware can also extract personal and financial records, again causing serious issues. 

However, perhaps the biggest concern of malware is that it is often capable of crashing your system. Depending on the severity and the type of malware, it can take hours or even days to remove it all and restart your systems.

That’s potentially a lot of downtime, lost sales, and other issues. 

What is more concerning is the potential damage to the business’s reputation.

Malware is, by nature, devious, meaning that many businesses may not realize they are infected until it’s too late. 

A recent survey found that nearly half of all businesses had found malware on their systems.

The survey doesn’t look at how many issues or how much damage occurred, but it does reflect the seriousness of the issue. 

(Cisco)

5. 24% Of Businesses Had Downtime Due To Out-Of-Date Hardware

Mention downtime and many people will assume it’s the result of a power outage, perhaps an overload but more likely damage to the power cables somewhere, perhaps caused by a storm or some other natural disaster. 

However, a recent ITIC survey found that 24% of businesses had downtime simply because their hardware was out-of-date.

Hardware which is out-of-date may not integrate with the latest app instalments.

It can also struggle simply because it is old, making it unreliable and prone to failure. 

The biggest concern is that many businesses forget to look after their systems.

By not keeping them up-to-date and working as efficiently as possible, a business will increase the likelihood of server failure.

It can be complicated to get the system running again if the software or hardware is out of date, meaning that the downtime could be significantly longer than it should be. 

(ITIC)

6. 95% Of Disasters Are Human Or Hardware/Software Failures

Seagate is one of the best-known names in storage solutions.

As such, they are uniquely positioned to see what generally causes a disaster and how a business can recover. 

What may interest you is that only 5% of disasters are caused by natural occurrences, such as hurricanes, floods, fires, etc.

The majority of issues are a result of hardware failing, software being out of date, incompatible, or simply failing, and even human errors.

While all businesses should be prepared for a natural disaster, they should also focus on keeping software and hardware working properly and in harmony. This will reduce the likelihood of hardware and software failures affecting the business. 

(Seagate)

7. 37% Of Businesses Experienced A Ransomware Attack

Ransomware attacks can be particularly nasty. The cybercriminal will generally find a way into your system and then corrupt your data.

You’ll no longer be able to see or access the data.

In order to get your data back you’ll have to pay a ransom to the cybercriminal.

They then release your data and you can continue your operations.

It should be noted that this approach often leads to corrupted data.

In other words, even after paying the ransom demand, your files may be corrupted and you’ll be unable to access the data. 

The latest figures show that 37% of businesses experienced at least one ransomware attack in the last year. 

The good news is that 37% of businesses having a ransomware attack is better than it has been.

There used to be a significantly higher proportion of ransomware attacks.

Of course, now is not the time to be complacent. If a cyber attacker feels your business is vulnerable they will focus their efforts on it.

(Sophos)

8. 83% Of Companies Have Suffered Multiple Data Breaches

According to a 2022 report by IBM, the majority of companies have experienced a data breach.

In fact, the report found that 83% of respondents had experienced multiple data breaches during 2022.

A data breach is defined as when the data is accessed by someone other than those authorized to do so.

That could mean the business has been infected with malware, a hacker has gained access to data, or the system has been compromised in some way. 

The result can be a serious headache for the company as it deals with people looking to check on their data, people who have lost data, and a variety of privacy concerns from those who have lost data, and those who haven’t. 

Of course, it’s also an issue for individuals as they have to verify whether their data has been affected and what precautions they need to take. 

The truth is most businesses experience a data breach, and cybercriminals will try again. 

(IBM)

9. 20% Of Data Breaches Rely On Employees!

This is perhaps the most shocking statistic on the list and one that everyone concerned with disaster recovery should be aware of. 

According to the Verizon 2022 Data Breach report, 20% of businesses which suffered a breach in the last twelve months were aided by an employee.

In most cases, it was employees who already had access to sensitive and confidential data, they simply allowed a hacker to access it or even took the data for someone else.

The report found that the majority of employees undertaking this type of action did so simply for financial gain. 

It confirms that all businesses should upgrade their security measures, especially when it comes to sensitive data access.

A two-person authorization process is advisable.  

(Verizon)

10. Nearly Half Of Breaches Are Cloud-Based

The majority of businesses and individuals believe that their data is safe if it’s in the cloud.

It can be accessed from anywhere and the cloud host will look after it while protecting it from cybercriminals. 

However, the truth is data loss happens in the cloud as well as on your local servers.

According to a survey completed by IBM in 2021 as many as 45% of all data breaches involved cloud-based data.

That’s alongside human error when employees accidentally overwrite or delete data. 

In short, every business needs to assess how its data is stored and ensure there are adequate up-to-date copies of it to help recover from a data breach. 

(IBM),   

11. Roughly Half Of Businesses can Recover Within 12 Hours

Disasters happen and while you should be doing everything you can to avoid them happening, there are some things which are beyond your control.

That’s why, you should consider what can go wrong and create a plan to deal with a variety of different scenarios.

The faster you can recover from a disaster the better for your business and your reputation. 

According to a 2022 survey by Continuity Central, only 52% of businesses successfully restored their operating systems and data within 12 hours of a disaster. 

A staggering 29% of businesses took over 24 hours to get back to operational mode.

What’s most concerning about this is that the survey found 83% of businesses admitted that anything more than 12 hours of downtime would be seriously damaging to their business.

This is likely to be the reason why over half of all small businesses which suffered data loss closed within six months of the breach. 

In short, it doesn’t matter how big or small your business is, you need to upgrade your cybersecurity measures and how you backup your data.

Even more important, make sure you check the backups periodically.  

(Continuity Central)

12. 58% Of Data Backups Fail

Backing up your data is seen as the safest way to ensure you can quickly recover from any disaster. 

The premise is simple, back up your data every night and, if a disaster happens, you’ll have a backup of everything.

The most you’ll lose is a day of business.

The majority of businesses can cope with this and the idea they have to re-input one day’s worth of data. 

Unfortunately, it’s not that simple! According to a reticent report by Veeam, 58% of data backups simply fail. It can be due to an issue with the backup method.

For example, a USB stick can be damaged. 

However, it can also be because your backup system is ancient, you’ve never upgraded it because you’ve never needed it. 

Using outdated technology to backup your files is a recipe for disaster when you most need the data. 

Alongside using the latest data backup options, make sure you check and test the backup data periodically.

It could save you a lot of problems. 

(Veeam)

13. Only 54% Of Businesses Have A Disaster Recovery Plan

Although we live in a digital age where data is everything, just 54% of organizations asked in a  recent survey have a disaster recovery plan in place. 

The purpose of the recovery plan is more than just ensuring the company data is backed up.

It’s about ensuring the company has premises that can be used, equipment, staff mobility, and everything else that is required to keep the business running with minimal disruption.

This type of plan covers everything from data loss to a natural disaster.

In short, a disaster recovery plan is the best way to keep the business going and avoid being one of the 50% of businesses which fail. 

It’s worth noting that 57% of companies have a second copy of their data but it’s on their premises. That may not be helpful in the case of a natural disaster. 

(archive.org)

14. Over 90% Of Small Businesses Don’t Have Cyber Insurance

Insurance is essential for any organization.

It covers claims from employees and the public, alongside other things which, if the business had to pay for, could cripple it. 

Yet, despite the rise in cybercrimes and data breaches, just 9% of companies currently have cyber insurance. 

Cyber insurance covers the cost of damage to business systems from cybercriminals. It also covers the costs involved in getting the business running again. 

These costs can be significant, often enough to sink a small or new business. In this context, not having cyber insurance is effectively a death sentence for the business. 

(Insurance Bee)

15. 97% Of Ransomware Attacks Attempt To Infect Backups

The idea of backing up to drivers or servers means that you have a replacement copy of your data which can be quickly installed if you encounter a problem. 

For example, ransomware. Instead of paying to release your files, you simply wipe the computers, reinstall the operating systems, and reload the data from your backup. 

Unfortunately, hackers are getting wise to this tactic.

They now target the main system and any backup system, to prevent you from dodging the ransom. 

A recent survey found that 97% of ransomware attacks in 2022 targeted both systems, creating serious issues for the businesses involved. 

This issue is compounded by employees who frequently allow the ransomware in without realizing it. 

In fact, research shows that 54% of ransomware comes via spam or phishing emails.

A further 26% is due to a lack of cyber security training. 

Other common causes include weak passwords, visiting malicious websites, stolen or lost credentials, and a lack of IT solutions, often due to funding issues. 

(Veeam)

16. A Data Centre Hard Drive Lasts Just Three Years

While a large number of organizations have switched to storing data on the cloud, there are still plenty that prefer to back up the data themselves and keep it offsite. 

While this is a reasonable approach, the vast majority of businesses don’t appreciate that a data centre hard drive has a very short life. 

It doesn’t matter if you save the data at work or send it to a dedicated storage facility, you need to maintain the drives. 

Because they are constantly being written and overwritten, the hard drives are constantly being stressed.

This results in them having a short life, as short as three years. 

To reduce the likelihood of data failures, particularly when you need to restore data, you need to replace your hard drives every 2-3 years.

It should be noted that the stress and strain on data centre hard drives is significantly more than when you save it to your own drives.

However, the guideline of replacement every 2-3 years remains a good idea.

(Backblaze)

17. The Healthcare Industry Has The Highest Average Data Breach Cost

The healthcare industry is an obvious target for cybercriminals.

They hold huge amounts of data and, until recently, their cybersecurity measures have been relatively relaxed. 

This is gradually changing but it doesn’t stop them from being targeted by cybercriminals. 

According to the latest figures, the average data breach cost for any organization in the healthcare industry is $10.1 million.

That’s a 9.4% increase in the average data breach cost since 2021 and an impressive 42% increase since 2020.

In short, the healthcare industry is being targeted with even greater intensity and that doesn’t appear to be changing any time soon. 

As such, any healthcare organization should be looking to ramp up their data security and disaster recovery plan.

It’s almost inevitable that they will be targeted in the next twelve months. 

(IBM)

Summing Up

A quick review of the disaster recovery statistics highlights just how ill-prepared most organizations are. 

While it may seem like this is something that happens to other people, the truth is that any business can be a victim of cybercriminals or natural disasters. 

Hackers are increasing the number of attacks and increasingly targeting smaller businesses.

At the same time, the number and intensity of natural disasters is increasing. 

In short, if you’re not prepared for a disaster and don’t have a disaster recovery plan, your organization is likely to struggle when it happens to you.

The odds are it will happen at some point. 

Sources

Related