A recent survey conducted by Quest Software indicates that over 75 percent of global organizations are not conducting disaster recovery tests frequently enough. The findings were based on responses from 650 IT and security leaders and emphasize a concerning trend in identity disaster recovery (IDR) practices amidst a rising tide of cyber threats.
The survey highlights that fewer than one-quarter of companies test their disaster recovery plans every six months, which is the recommended frequency. Alarmingly, 24 percent of respondents reported that they never test their disaster recovery strategies at all.
Challenges in Identity Security
As organizations increasingly rely on diverse IT environments, including on-premises, hybrid, and cloud systems, the complexity of managing identity security has grown. The survey indicates that identity has become the primary attack surface, leading to a surge in AI-driven attacks. According to a study by Microsoft, there has been a 57 percent increase in security incidents linked to the use of artificial intelligence.
The rapid expansion of non-human identities has further complicated security efforts. The Quest survey revealed that organizations face an estimated ratio of 82 machine identities for every human identity, making it challenging to maintain visibility and security.
Among the key findings of the survey, 51 percent of respondents identified non-human identities as the most difficult to secure. This was closely followed by third-party and partner accounts at 49 percent, service accounts at 47 percent, and legacy systems at 46 percent.
Despite these challenges, the survey found that 79 percent of participants expressed confidence in AI tools to enhance the effectiveness of identity disaster recovery initiatives. Additionally, 78 percent indicated that proactive threat management was a primary driver for implementing IDR strategies.
Growing Importance of ITDR Practices
The findings also reveal a positive trend in the adoption of identity threat detection and response (ITDR) practices. 57 percent of respondents reported having an ITDR practice in place, an increase from 48 percent in the previous year. Similarly, 92 percent acknowledged the benefits of an ITDR practice, up from 84 percent last year.
Michael Laudon, Chief Product and Technology Officer at Quest Software, commented on the survey results, stating, “Our survey findings make one point abundantly clear: identity security challenges are broad, interconnected, and steadily growing. Identity systems are at the center of most environments, connecting users, applications, data, automation, and cloud services. When those systems are compromised, attackers gain immediate access and, in many cases, control over how quickly an organization can respond and recover.”
The National Institute of Standards and Technology (NIST) Cybersecurity Framework offers guidelines that assist organizations in managing cybersecurity risks. This framework emphasizes six core components: identify, protect, detect, respond, recover, and govern, to bolster cybersecurity programs.
According to guidance from Gartner, organizations are encouraged to adopt the NIST Framework to enhance their cybersecurity and resilience efforts. Quest Software’s solutions focus on safeguarding critical identity assets across Active Directory and Entra ID, automating recovery processes significantly faster, and improving response times, ultimately saving organizations millions in potential downtime costs.
With over 45,000 companies relying on Quest Software, including more than 90 percent of the Fortune 500, the organization continues to lead the way in addressing the pressing challenges of identity security and disaster recovery. For more information, visit www.quest.com or follow them on LinkedIn, Facebook, and X (formerly Twitter).
For media inquiries, contact Matt Hurst, Head of Corporate Communications at [email protected].
