Quest Software finds many organizations not testing DR
Quest Software released results from a global survey of 650 IT and security leaders that identified gaps in Disaster Recovery (DR) testing and identity threat detection and response practices, a finding that the company said had implications for recovery readiness.
Identity has become the primary attack surface, the release said, with identity sprawl across on-premises (on-prem), hybrid, and cloud environments expanding organizations' need to better protect their environments; the document cited a Microsoft study that linked a 57 percent increase in security incidents to Artificial Intelligence (AI) usage and reported an estimated 82:1 ratio of machine identities to human identities.
The release referenced the NIST Cybersecurity Framework as a source of guidelines, noting the framework’s six core components: identify, protect, detect, respond, recover, and govern; it also described Quest Software’s approach to identity protection across Active Directory and Entra ID and stated that Quest automated recovery 90 percent faster and improved mean time to response by 44 percent.
The survey listed four key findings: only 24 percent of organizations tested DR every six months, while 24 percent said they never tested; 79 percent expressed confidence that AI tools could improve ITDR effectiveness; 51 percent identified non-human identities as the most difficult to secure, with third-party and partner accounts, service accounts, and legacy systems also noted; and 78 percent cited proactive threat management as the primary driver for implementing ITDR. The release also reported that 57 percent of respondents said they had an ITDR practice, up from 48 percent a year earlier, and that 92 percent agreed they received benefits from ITDR, up from 84 percent previously.
“Our survey findings make one point abundantly clear: identity security challenges are broad, interconnected, and steadily growing,” said Michael Laudon, Chief Product and Technology Officer, Quest Software. “Identity systems are at the center of most environments, connecting users, applications, data, automation, and cloud services. When those systems are compromised, attackers gain immediate access and, in many cases, control over how quickly an organization can respond and recover. Many organizations still lack full visibility into their identity landscape and struggle to manage expanding workloads across hybrid environments, and most teams are not validating recovery often enough to ensure rapid restoration after an attack.”