The C-level thinks disaster recovery is solid: IT says …

Disconnect with higher-ups is never a good thing. And according to a recent study, the miscommunication between IT and company leaders is stark and dangerous.

Disaster Recovery (DR) is obviously a huge topic for organizations. In an age where almost everyone gets breached, the question becomes not whether you’ll be a victim, but how well and how quickly you can recover from attacks.need help with work 2

A big problem, however, is that many C-level executives seem to think the answer is that they’re prepared to recover quite well. And IT pros don’t seem to agree.

Dangerous disconnect

A recent eBook by Bluelock, a business continuity vendor, highlights a stark difference between how IT and executives see their ability to effectively recover after a security incident.

It shouldn’t be too surprising that DR isn’t quite up to snuff considering that very few representatives from either group thought it was well-funded. Only a third of executives (34%) said they felt their funding for IT disaster recovery efforts was “very good.” And just 19% of IT professionals agreed.

Despite this lack of funding, three-quarters (73%) of executives surveyed said they had high confidence in their companies’ ability to recover systems within time objectives. But fewer than half (45%) of IT professionals shared that optimistic outlook.

And perhaps most damaging of all, 80% of IT professionals said they placed a high value on recovering from technology-related disruptions. Yet only half (50%) of business executives agreed.

That ultimately leads to a big problem of perceptions: While 85% of executives felt they had a good grasp on their current disaster recovery plan and ability to recover, 51% of IT pros said the same.

What’s holding them back?

So why are companies going forward with disaster recovery plans they feel are underfunded and probably not robust enough? The top reason, according to the survey, is that it’s taking a back seat to other priorities.

Other reasons: About a third of executives see it as too time-consuming, and more than a fifth of IT pros said it was too expensive.

What to do

It’s hard to go into an executive’s office and say, “You don’t understand how big of a problem this is.” And it could be a very unwise career move, frankly.

What’s left? Show them.

As part of regular security briefings be sure to highlight what the fallout of a breach or outage would be to your organization. Not general fallout, but the actual fallout to your organization.

Use phrases like “At current levels” or “If this were to happen to us today” to hammer home the point that you’re not talking about some abstract threat to businesses. You’re explaining why added protections or resources may be needed.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy