Skip to content
2026 State of Cyber Recovery: Closing the Gaps Between Storage, Data Protection, and Cybersecurity
*
1.
Which of the following best describes your current environment for production data?
(Required.)
Primarily on-premises (little or no public cloud)
Hybrid/mixed on-premises and public cloud
Mostly public cloud with minimal on-premises workloads
Fully public cloud
Not sure
*
2.
Which statement best describes your current unstructured data volume (files, documents, media, logs)?
(Required.)
Growing slower than 10% per year
Growing 10–30% per year
Growing over 30% per year
Don’t track unstructured data growth
Not sure
3.
How concerned are you about each of the following data security and recovery challenges?
Not concerned
Slightly concerned
Moderately concerned
Very concerned
Extremely concerned
Being unable to locate a safe/clean recovery point after an attack
Not concerned
Slightly concerned
Moderately concerned
Very concerned
Extremely concerned
Rapid data growth outpacing protection methods
Not concerned
Slightly concerned
Moderately concerned
Very concerned
Extremely concerned
Meeting compliance and regulatory requirements
Not concerned
Slightly concerned
Moderately concerned
Very concerned
Extremely concerned
Unpredictable restore times (RTO)
Not concerned
Slightly concerned
Moderately concerned
Very concerned
Extremely concerned
Keeping backups immutable from ransomware
Not concerned
Slightly concerned
Moderately concerned
Very concerned
Extremely concerned
*
4.
How frequently do cyberattacks or attempted cyber incidents typically target your organization?
(Required.)
Multiple times per week
Multiple times per month
A few times a year
Rarely (1 or 2 times a year or less)
Not sure/no visibility
*
5.
In the past 12 months, have you experienced a successful ransomware or cyberattack that compromised or attempted to compromise your backups/snapshots?
(Required.)
Yes, multiple times
Yes, at least once
Unsure if backups were targeted or impacted
No, not to my knowledge
*
6.
When restoring data after a potential compromise, how quickly can you identify a guaranteed “clean” snapshot or backup?
(Required.)
Within minutes
1–3 hours
4–12 hours
Over 12 hours
We do not have a formal process to verify “clean” backups
*
7.
Does your organization currently use snapshots or backups that are truly indelible and immutable (i.e., cannot be modified or deleted, even by an admin)?
(Required.)
Yes, both on primary storage and backup repository
Yes, but only on backup storage
Yes, but only on primary snapshots
No, we rely on encryption access controls only
Unsure
*
8.
Which statement best describes your approach to detecting malware or anomalies within backup snapshots?
(Required.)
We have integrated threat scanning and automated alerts
We conduct manual scanning only after an incident is suspected
We rely on separate security tools that are not integrated with backups
We do not scan backups for threats
Not sure
9.
How important is near-zero RTO (e.g., recovering hundreds of TBs in minutes) for your mission-critical applications?
Absolutely critical; we cannot tolerate major downtime
Very important; significant downtime is costly
Moderately important; we may accept some downtime
Only important for certain workloads
Not a priority; we can tolerate extended downtime
Absolutely critical; we cannot tolerate major downtime
Very important; significant downtime is costly
Moderately important; we may accept some downtime
Only important for certain workloads
Not a priority; we can tolerate extended downtime
*
10.
Realistically, how long does it take your organization to recover multiple terabytes of data if your primary storage is compromised?
(Required.)
Under 1 hour
1–8 hours
8–24 hours
Over 24 hours
Not sure / never tested at scale
*
11.
How do you currently identify compromised or at-risk snapshots/backups?
(Required.)
Fully automated detection and tagging across primary and backup storage
Partially automated detection; some manual investigation required
Manual review of snapshots/backups
We rely on security tools, but they are not integrated with storage/backup systems
We do not have a defined process
Other (please specify)
*
12.
How challenging is your current process for identifying compromised snapshots/backups?
(Required.)
Very challenging; time-consuming, error-prone, or slows recovery significantly
Moderately challenging; some delays or manual work
Slightly challenging; manageable but could be improved
Not challenging; the process is efficient today
Not sure / no visibility
*
13.
Would automatically tagging compromised snapshots across BOTH primary storage and backup repositories significantly reduce your recovery time and complexity?
(Required.)
Yes, that would be a game-changer
Yes, it would help somewhat
Not sure—we would need to evaluate further
No, we have another method for identifying compromised data
*
14.
Which best describes your data protection workflow?
(Required.)
Fully automated discovery and policy-driven backups across on-prem, cloud, and SaaS
Partially automated; some workloads must be configured manually
Mostly manual backup workflows with minimal automation
Not sure
*
15.
Which of the following best describes your organization’s current level of confidence in restoring systems from backups without risking malware reinfection?
(Required.)
Extremely confident; we have integrated scanning and validation
Fairly confident; we do partial scanning or layered checks
Somewhat confident; unverified backups but basic checks
Uncertain; no formal process for verifying “clean” backups
Not confident; we do not check backups before restoring
*
16.
Are you planning to upgrade or invest in new data protection or primary storage infrastructure within the next 12 months?
(Required.)
Yes, we have budget allocated and are evaluating solutions
Possibly, depending on security requirements and budget
Not in the next 12 months
Not sure/no plans at this time
*
17.
Which would most motivate you to adopt a fully integrated cyber resilience solution combining primary storage, immutable backups, and threat detection? (Select up to two)
(Required.)
Faster restores and near-zero RTO
Ability to identify and isolate compromised snapshots automatically
Lower risk of paying ransoms or downtime costs
Compliance/regulatory requirements (e.g., data immutability)
Reducing complexity with a single solution
Unsure or no immediate plans
Demographics
────────────────────────────────────────────────────────
Job Title/Primary Role
*
18.
Which of the following best describes your primary role or area of responsibility?
(Required.)
Chief Information Security Officer (CISO) / Security Executive
Chief Information Officer (CIO) / IT Executive
IT Infrastructure / Data Center / Operations Leader
Storage / Backup / Recovery Administrator
Security / Risk / Compliance Manager
Cloud / DevOps / Platform Engineering Lead
Other IT or Business Leader (please specify)
Organization Size (by Employees)
*
19.
Approximately how many employees work in your organization globally?
(Required.)
Fewer than 500
500–999
1,000–4,999
5,000–9,999
10,000–24,999
25,000 or more
Prefer not to say
Industry/Sector
*
20.
Which best describes your organization’s primary industry or sector?
(Required.)
Financial services / Banking / Insurance
Healthcare / Life sciences
Government / Public sector
Manufacturing / Industrial
Energy / Utilities
Technology / Software / Cloud services
Retail / Consumer goods / eCommerce
Education / Research
Other (please specify)
Region/Geography
*
21.
Where is your organization primarily headquartered or where you are based?
(Required.)
North America (U.S., Canada)
Europe, Middle East & Africa (EMEA)
Asia-Pacific (APAC)
Latin America (LATAM)
Other / Global organization