A groundbreaking report from Rubrik Zero Labs, titled The State of Data Security: A Distributed Crisis, reveals a staggering reality for global IT and cybersecurity leaders: 90% of surveyed professionals have experienced cyberattacks within the last year, with many facing relentless assaults on their hybrid cloud environments.
Drawing from Rubrik telemetry, Wakefield Research surveys of over 1,600 IT and security leaders across 10 countries, and insights from industry giants like CrowdStrike and Microsoft, the study paints a dire picture of the escalating risks in distributed IT ecosystems.
As businesses increasingly adopt hybrid on-premises and cloud setups for scalability and innovation-90% of IT leaders confirm managing such environments-the complexity of securing data across multiple platforms has become a critical challenge, leaving organizations vulnerable to sophisticated threats.
.png
)
Threat Actors Exploit Identity-Based Vulnerabilities
The report highlights a seismic shift in cyberattack methodologies, with identity-based attacks now accounting for nearly 80% of all incidents, a sharp rise driven by techniques such as valid credential abuse and social engineering.
CrowdStrike’s 2025 Global Threat Report notes a 26% increase in cloud intrusions in 2024, with attackers exploiting cloud management tools for lateral movement and slashing breakout times to an average of 48 minutes-down from 62 minutes in 2023-with the fastest recorded at just 51 seconds.
Microsoft reports blocking over 600 million identity-based attacks daily, underscoring how adversaries are “logging in” rather than “breaking in,” bypassing traditional malware defenses.
This evolution has dire consequences: 86% of companies facing ransomware extortion paid the ransom in 2024, and 74% reported attackers successfully harming backup and recovery systems, exacerbating data loss and operational downtime.
The survey also reveals that 18% of leaders endured attacks at least every other week, facing threats across 10 or more vectors, from phishing to cloud-specific breaches.
Amid this crisis, the report identifies systemic gaps in data security preparedness, particularly in cloud and SaaS environments where backup strategies lag behind robust on-premises practices.
Many organizations mistakenly rely on cloud providers’ native tools for protection, ignoring the need for unified backup and recovery policies, as illustrated by the 2017 GitLab incident where inadequate cloud backups led to six hours of critical data loss.
IT leaders cite challenges like lack of visibility (25%), centralized management deficits (30%), and securing sensitive data across environments (35%) as primary hurdles.
Rubrik urges a proactive approach: organizations must prioritize locating and classifying sensitive data-often comprising personal, financial, and intellectual property information-and enforce stringent policies supported by automation to manage sprawling data landscapes.
Automated backups, threat detection, and identity management are critical to reducing human error and ensuring rapid recovery, especially as sensitive data in platforms like Amazon S3, OneDrive, and SharePoint remains a prime target.
With hybrid environments now integral to corporate workflows, the report warns that without strategic action, this silent crisis will only deepen, leaving businesses exposed to relentless cyber threats.
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!
