Commvault

48% of New Yorkers stated they have been the victim of a cyberattack at least once.

53% of New Yorkers try to follow best practices like using two-factor authentication when using public WiFi, while 15% report using no security measures at all.

38% of New Yorkers reported they have already stopped using a service because they did not trust it to protect their data.

44% of New Yorkers use unique passwords for all of their accounts, while 56% reported reusing passwords across multiple accounts.

49% of New Yorkers avoid accessing sensitive information like banking accounts and email when on public WiFi.

Over 85% of New Yorkers indicated they would (41.8%) or might (43.7%) stop using a company if it suffered a data breach.

61% of UK organisations have created defined runbooks, roles, and processes for incident responses, which is ahead of the global average of 41%.

93% of UK businesses have experienced a business-critical cyber incident.

UK organisations are 11% less likely to have tested their recovery plans within the last month compared to other countries.

65% of UK organisations have an inventory of business-critical systems and dependencies, which is ahead of the global average of 50%.

Only 36% of UK organisations strongly believe that they should prioritise the minimum viability approach.

52% of UK organisations stated that the biggest challenge to achieving Minimum Viability Company (MVC) status is the complexity of existing systems and applications.

Almost a third (30%) of UK organisations cited difficulties separating 'core' systems from less business-critical, 'broader' operations as another primary barrier to achieving Minimum Viability Company (MVC) status.

47% of UK organisations cited the struggle to keep recovery plans in line with changing business needs as the biggest challenge to achieving Minimum Viability Company (MVC) status.

57% of business-critical incidents in the UK occurred in the past 18 months.

Only 7% of the UK businesses surveyed reported never having experienced a "business-critical" incident, which is less than the 14% reported for the rest of the world.

UK organisations are 21% less likely to have a dedicated environment in which to recover compared to other countries.

More than a third (34%) of UK business leaders who support a proposed ransom payment ban believe it would lead to increased government support and intervention to safeguard cyber resilience.

94% of UK business leaders support limiting ransom payments for public entities.

99% of UK business leaders support limiting ransom payments for private organisations.

A third (33%) of UK business leaders believe that a ban would decrease the prevalence of ransomware attacks by reducing the incentive for attackers.

In real-world situations within the private sector, if a ransom payment ban were to take hold, only 10% of UK business leaders said they would comply if they were attacked.

96% of surveyed UK business leaders from companies with revenues of £100 million+ believe that ransomware payments should be banned across both public and private sectors.

In real-world situations within the private sector, if a ransom payment ban were to take hold, 15% of UK business leaders said they would be neither likely nor unlikely to comply with such a ban.

Almost all UK respondents (98%) stated that cyber readiness and recovery will be a top spending priority.

75% of UK business leaders who believe ransomware payments should be banned admit they would still pay a ransom if it were the only way to save their organisation, even if a ban was extended to the private sector and civil or criminal penalties applied.