The Distributed Crisis: Rubrik Report on State of Cyber Resilience

The state of data security is in flux—and according to Rubrik's recent report, it's not trending in the right direction. Based on a global survey of more than 1,600 security and IT leaders, The State of Data Security in 2025: A Distributed Crisis paints a sobering picture of organizations struggling to keep up with the scale and complexity of modern threats—especially when it comes to data recovery.

As Rubrik CEO Bipul Sinha puts it, "It's no longer about if you'll get hit, but how quickly you can recover when you do."

The report highlights five critical themes that underscore the vulnerabilities many organizations face.

1. Data recovery is the new battleground

• 64% of respondents said they paid a ransom, yet 57% were still unable to recover their data.

• Alarmingly, only 56% of executives are confident they can recover from a cyberattack.

"Organizations aren't struggling with detection alone—they're struggling with resilience," Sinha said.

2. Too many tools, too little integration

Respondents reported using more than 40 cybersecurity and observability tools on average—but these tools are often siloed and lack cohesive orchestration.

"It's death by dashboard," one survey respondent remarked, highlighting tool sprawl that contributes more to alert fatigue than clarity.

3. Security gaps in the data layer

Despite massive investments in perimeter defenses, less than 40% of organizations protect data across both production and backup environments.

"Data is the last line of defense," the report states, yet many organizations treat backup systems as an afterthought, leaving them vulnerable to attackers who target recovery capabilities directly.

4. Boards are engaged—but confidence lags

While nearly all boards (97%) are now involved in cyber resilience, there's a gap in trust:

• Only 26% of security teams say they're very confident they could report cyber risk to the board in business terms.
• Executives cited a lack of alignment between technical outcomes and business impact as a top communication barrier.

5. AI and automation: hype vs. reality

Despite the promise of AI in cybersecurity, most organizations are still in the early adoption phase. Only 36% of respondents say they've implemented AI for threat detection or response, and even fewer use it for data classification or recovery orchestration.

Rubrik's research doesn't just outline problems; it calls for a fundamental shift in how we think about cyber resilience:

• From prevention to recovery: Recognize that breaches are inevitable, and resilience is defined by how quickly and safely you can restore operations.

• From siloed tooling to integrated platforms: Eliminate redundancy and strengthen signal-to-noise ratios.

• From technical jargon to board-level clarity: CISOs must evolve as communicators, not just technologists.

As the report summarizes: "Data security isn't just an IT problem—it's a business imperative. The organizations that survive and thrive will be the ones who treat recovery as a competitive advantage."