There’s no knowing when a cyberattack, natural disaster, or equipment failure is going to happen, but this doesn’t mean that organizations can’t be prepared for these events.
There were 3,158 data breaches in the US in 2024, affecting more than 1.35 billion individuals. In the same year, weather-related catastrophes were responsible for more than 90% of the nation’s total losses, which totaled $320 billion. Unsurprisingly, 96% of organizations have a backup and disaster recovery system in place. But these systems must be updated regularly if they are to remain effective.
To find out what 438,183 technology leaders in the US’s opinions were about system updates in data recovery, we utilized AI-driven audience profiling to synthesize insights from online discussions for a year, ending 4 August 2025, to a high statistical confidence level. This enabled us to analyze their views and provide a deeper understanding of their experiences and practices.
How Confident Are You In Your Current Disaster Recovery System's Ability To Handle Emergencies?
35% of US technology leaders have no confidence in their current system’s ability to handle emergencies
There are mixed feelings about backup systems’ ability to handle emergencies:
It’s evident that a significant proportion of tech leaders have little to no confidence in their disaster recovery systems’ ability to handle emergencies. 35% of our audience admit they’re not confident at all, while 13% say they are concerned about their systems. Only 4% say they are moderately confident. Some in our audience expressed slight concern, with their feelings ranging from moderate confidence (9%) to not confident (7%) or concerned (7%).
There were tech leaders who expressed some faith in their systems, although their opinions varied. While some say they have moderate confidence (9%), others say they have some concerns (7%) or aren’t confident (7%).
Our audience’s concerns are entirely justified. Reports show that just 13% of organizations fully recover all their data after a ransomware attack, and a whopping 44% lack the ability to quickly identify and contain attacks, leaving them vulnerable to downtime and reputational and financial damage. Additionally, 58% have to shut their doors after an attack as they cannot recoup their losses.
These risks make clear that disaster recovery planning is not optional. “Too often, organizations think of updates as an afterthought. In reality, keeping systems current is one of the most effective ways to ensure recovery is predictable and downtime is minimized. When leaders prioritize updates as part of an overall resilience plan, they shift from reacting to crises toward preventing them,” said Robert Hayes, Channel Director at Infrascale.
What Is Your Biggest Challenge When Implementing Disaster Recovery System Updates?
26% of technology leaders say limited resources are a significant challenge when implementing disaster recovery system updates
Various challenges arise when implementing system updates:
Tech leaders in the US face various challenges when implementing system updates. Limited resources are chief among these, with 26% of our audience describing this as a significant challenge, suggesting their organizations are under-spending on data security and preparedness. For some, access to resources was either a minor issue (18%) or not a concern (1%).
A lack of skilled staff is another significant challenge for some tech leaders (21%), although 3% say this issue is minor (3%), and 3% say this isn’t a concern in their organization. Downtime was either a significant challenge (23%) or a minor issue (3%) for some in our audience. Only 2% say the challenge of compatibility issues was significant.
These findings are in keeping with those of the IDC’s The State of Disaster Recovery and Cyber-Recovery 2024-2025 white paper. According to the paper, some of the top challenges include updates (33%), IT personnel time and resource availability (26%), IT personnel knowledge/skill (26%), recovery time (25%), and integrating diverse tools (25%).
Which Area of Your Disaster Recovery System Requires The Most Improvement?
58% of our audience thinks their system’s recovery time could do with some improvement
Various aspects of disaster recovery systems need improvement:
When discussing the area in need of the most improvement, the majority of our audience mentions recovery time. 58% say they want to see some improvement, while others name this as a critical concern (10%) or say their recovery time requires some improvement (9%). Only 4% are satisfied with their recovery time rates.
This supports the downtime concerns mentioned above. The IDC report we referenced confirms these sentiments, saying 29% of respondents used recovery speed as one of their top criteria when selecting backup/data recovery tools.
Backup speed was another area requiring either some (9%), minor (6%), or critical (1%) improvement. The tech leaders who discussed testing procedures say theirs either require critical (2%) or some (1%) improvement.
An additional 1% say their systems’ cloud readiness could be improved somewhat. It’s worth noting that the IDC report found that, while 90% of organizations use cloud, slightly more than 58% protect less than half of their apps using cloud data recovery.
What Drives Your Decision To Update Disaster Recovery System?
53% of tech leaders are driven to update their disaster recovery systems due to security risks
Two main reasons drive technology leaders’ decisions to update their systems:
Our audience was split almost equally regarding the factors driving their decision to update their disaster recovery systems. For 53% of tech leaders, the decision is spurred on by security risks, while 47% make their decision based on compliance requirements.
These findings are confirmed by reports indicating organizations are prioritizing data recovery updates as a result of a sharp increase in ransomware attacks and cyber threats. The 47% for whom compliance is the driving factor aren’t alone, either. A recent Wall Street Journal analysis reported that expanding, inconsistent cybersecurity regulations like federal and state-level incident reporting mandates are straining compliance processes and pushing organizations to fortify their recovery systems.
What Is Your Preferred Disaster Recovery System’s Update Schedule?
90% of tech leaders prefer immediate deployment for disaster recovery system updates
There are different approaches to disaster recovery system update schedules:
The discussions of US tech leaders around preferred disaster recovery system update schedules suggest they have no strong feelings about this, whether their organizations prefer immediate deployment (90%), updates as needed (8%), or according to a quarterly upgrade plan (2%). Their neutrality regarding updates may indicate they don’t feel confident in championing a specific schedule due to a lack of direct experience with disaster recovery system updates.
Our audience’s non-committal responses are cause for concern, given that the World Economic Forum (WEF) found in 2025 that 72% of organizations reported increased cyber risks. Their major concerns included ransomware and generative AI-powered adversarial advances. The issue here is that an irregular update schedule leaves organizations vulnerable to increasingly complex threats.
What Type Of Disaster Recovery System Testing Do You Rely On Most?
38% of tech leaders are moderately supportive of full disaster recovery system testing drills
Our audience uses a range of methods to test their disaster recovery systems:
Disaster recovery systems shouldn’t just be updated regularly; they also need to be tested to ensure they can perform when needed. An article in the International Journal of Management and Organizational Research highlights best practices, stressing the value of automated testing and validation. These tests help identify potential weaknesses or vulnerabilities and give organizations the opportunity to strengthen their systems, making them more effective across different scenarios.
Our audience revealed different preferences and opinions regarding various testing methods. Those who support full recovery drills do so either strongly (19%) or moderately (38%), while 20% say they do not support this method.
Among those who mention partial recovery simulations, support was either strong (3%) or moderate (3%). Third-party audits also received a mix of strong (6%) or moderate (1%) support, while 4% were in strong support of automated testing, and 2% said they did not support manual verification.
This suggests that while there’s broad recognition of the importance of testing disaster recovery systems, opinions vary on which methods are most effective, reflecting a balance between thoroughness, practicality, and resource constraints.
What Is Your Preferred Disaster Recovery System Update Method?
43% of tech leaders prefer taking a hybrid approach to disaster recovery system updates
Different methods are used to update disaster recovery systems:
Online discussions by technology leaders in the USA revealed different preferences regarding disaster recovery system update methods. The greatest amount of support was for taking a hybrid approach (43%), followed by staged rollouts (12%) and automated updates (11%). However, some also express a lack of support for one method, specifically manual updates (34%).
Interestingly, these findings are in keeping with a Cloud-Native Approach to Data Protection and Recovery Pathfinder Report, which found support for cloud-native tools increased from 50% in 2021 to 58% in 2022. This suggests a growing appreciation for the efficiency and resilience offered by hybrid and automated approaches.
What Is The Top Priority During Disaster Recovery System Updates?
Minimal downtime is an important priority during disaster recovery system updates for 64% of technology leaders
Priorities during updates reveal a clear preference:
Opinions regarding top priorities during disaster recovery system updates were diverse, with the greatest discussion being around prioritizing minimal downtime. 64% of our audience say it is important, while 13% describe it as essential, and 2% say it is less critical than other priorities. For 8% of tech leaders, data accuracy was essential. Others say their essential priorities are security hardening (4%) or system stability (6%). 3% say they consider security hardening to be less critical.
That a significant proportion prioritize minimal downtime during updates is understandable. In 2024, a Siemens report estimated that unplanned downtime costs the world’s 500 biggest companies $1.4 trillion or 11% of their revenues per year. The report also found that the cost of an idle production line in a large heavy industry plant is $59 million, which is 1.6 times higher than in 2019.
Which Disaster Recovery System Components Are Most Critical During Updates?
85% of technology leaders have neutral feelings about the importance of cloud backups during disaster recovery system updates
Not everyone agrees that cloud backups are the most critical system components:
For our audience of tech leaders, opinions about which disaster recovery system components are the most critical during updates were all neutral. However, the majority (85%) expressed neutrality in regards to cloud backups, while security appliances (6%), network infrastructure (5%), servers (2%), and storage devices (2%) were only mentioned by a small number.
This may be due to the complexity of the topic, as disaster recovery systems involve a range of interconnected components, such as backup, monitoring, and failover. This can make it difficult to determine which component is most critical during updates.
What Factor Most Influences Your Disaster Recovery System Update Budget?
46% of technology leaders say resource availability has the greatest influence on their disaster recovery system budget
A range of factors impact organizations’ update budgets:
Our audience was most vocal about resource availability as a factor influencing their disaster recovery system update budget. This is a significant influence for 46% and a critical factor for 27%, although 17% say it is only a minor consideration. Their sentiments align with the WEF’s Global Cybersecurity Outlook 2024 report, which found that 52% of public organizations named a lack of resources and skills as their biggest cyber resilience challenge.
Project deadlines also influence system update budgets, with 1% of technology leaders saying this was significant and 4% describing it as a critical factor. For 3%, risk assessments have a critical influence on their budgets.
Some tech leaders say compliance rules influence their budget, with the severity being either significant (2%) or critical (1%). Despite these lower numbers, their impact is clear when viewed alongside the WEF’s Global Cybersecurity Outlook 2025 report, which highlights how regulatory fragmentation remains one of the most pressing challenges—76% of CISOs say it directly affects their ability to maintain compliance.
Which Communication Method Works Best During Disaster Recovery System Update Cycles?
56% of technology leaders think in-person briefings are the best communication method during update cycles
Tech leaders don’t all agree on which communication method is ideal:
Effective communication is one of the cornerstones of organizational success, and this is especially true during potentially disruptive periods such as disaster recovery system update cycles. That said, tech leaders have diverging opinions about which communication works best during these cycles.
The greater part of our audience mentioned in-person briefings, with support for this method mostly being positive (56%), although 3% remained neutral in their opinions. Our audience also expressed positive support for phone alerts (22%), message platforms (2%), and email notifications (1%). Some tech leaders remained neutral regarding phone alerts (9%) and message platforms (3%). 4% had negative opinions regarding messaging platforms.
There’s a good reason for the significant support for face-to-face communication. A Yale University study found human brains, particularly the areas governing social interactions, are more active during live in-person encounters than they are during online meetings. This implies that in-person communication is more effective than electronic communication methods.
How Do You Monitor Disaster Recovery System Update Success?
100% of US tech leaders use third-party monitoring tools to monitor system update success
The method for monitoring disaster recovery system update success is the same across the board:
Every US technology leader in our audience says they rely on third-party monitoring tools to monitor the success of their disaster recovery system updates. A reason for the reliance on third-party tools may be due to a lack of personnel who have the skills to monitor the success of updates.
The 2025 WEF report referenced above revealed that the cyber skills gap increased by 8% since 2024. 67% of organizations reported moderate to critical skills gaps, including those needed to meet security requirements, while only 14% of organizations said they were confident they had the personnel and skills they needed.
What Disaster Recovery Backup Approach Do You Prefer?
41% of technology leaders prefer a cloud-only approach, even if it’s not ideal
There are a variety of different approaches to backing up disaster recovery systems:
Based on opinions, our audience had different preferences regarding disaster recovery system backups. Cloud-only backup is the best choice for 7% of technology leaders, with 9% thinking this is a good option and 41% saying it isn’t ideal. While on-premises is only a good option for 2%, 22% thought this isn’t the ideal approach. 9% say hybrid backup is the best choice, while another 9% disagree slightly, saying this option is only good, while just 2% say scheduled backup was a good option.
The support for cloud backups is in keeping with surveys that find as many as 84% of IT decision makers utilize cloud services. However, the mixed responses also indicate that organizations are increasingly viewing disaster recovery in terms of tangible and intangible IT architecture and systems, which influences their approaches to backup.
Which City Is Your Primary Location?
31% of tech leaders' possible primary location is New York City
Tech leaders are based in various major centers in the USA:
Our audience of tech leaders is based in different locations across the US. Those who mentioned New York City were either located there primarily (2%), not primarily (4%), or possibly (31%). 4% were not likely to be located in the Big Apple. Chicago was the primary location for 1%, with 8% possibly located there and 6% not likely to be there. While 7% were based in Chicago, it wasn’t their primary location.
Among those who mentioned San Francisco, 7% were not located there primarily, 9% are possibly based there, and 2% weren’t likely to be based there. Austin was the possible location of 4%, although it’s not the primary location for 2%, and it’s unlikely to be the location of 6%. Seattle isn’t the primary location for 5%, and it’s likely not to be the location for 3%.
Some of these cities are in a few of the states that have the dubious distinction of having the highest number of data breaches in 2023, according to Network Assured. California was at the top of the list with 1,338 breaches, followed by New York (618), Texas (581), Florida (458), and Maryland (343).
Overall, these findings shed light on how technology leaders in the US approach disaster recovery system updates, testing, monitoring, and backups. We’ve seen how resource availability and skills shortages present the greatest challenges; our audience prefers hybrid approaches and in-person communication, and what drives decisions. From these insights, it’s clear that, as threats become more complex, so do recovery systems and their requirements. However, this is something that many organizations have yet to acknowledge and respond to effectively.
Methodology
Sourced using Artios from an independent sample of 438183 United States technology leaders’ opinions across X, Reddit, TikTok, LinkedIn, Threads, and BlueSky. Responses are collected within a 95% confidence interval and 5% margin of error. Results are derived from opinions expressed online, not actual questions answered by people in the sample.
About the representative sample:
- 41% of US technology leaders are between the ages of 45 and 64.
- 58% identify as female and 42% as male.
- 44% earn between $200,000 and $500,000 annually.
