Malicious deletion is the leading cause of data loss
A quarter of organizations continue to lack controls and policies for backup security, leading to vulnerabilities in an increasingly complex environment. A survey published in 2025 found malicious deletion was the leading cause of data loss, with over 50% of organizations suffering data loss for this reason. External threats affected almost a third (29%), and insider actions accounted for 27%.
In the last category, human error caused data loss in 34% of the cases. 30% of companies were affected by conflicts with third-party apps, and another 30% lost data due to improper setup or maintenance. 14% experienced sync issues, and 18% faced scripting errors.
The race to recovery
Being able to recover lost SaaS data swiftly is critical for avoiding compliance breaches and minimizing downtime. However, just 14% of the businesses surveyed could recover within minutes. The majority – 40% – needed hours to achieve recovery, meeting operational and regulatory demands. A significant number (35%) required up to a few weeks, risking non-compliance and prolonged downtime. 8% said they didn’t know how long recovery would take, and 2% were unable to recover any lost data.
The financial losses are dramatic
First and foremost, inadequate security makes businesses vulnerable to attacks like ransomware, phishing, or hacking. In 2023, the average data breach cost businesses $4.45 million globally, with small enterprises bearing substantial proportional losses.
Downtime caused by cyber incidents can result in lost sales and operational disruptions. For example, a DDoS attack can render e-commerce sites inaccessible for hours or even days. Managed VPS hosting providers ensure that the server’s operating system, software, and security patches are always up-to-date. This prevents vulnerabilities that attackers could exploit.
The business suffers reputational damage
Customers may avoid doing business with a company that has experienced a breach. In fact, 65% of consumers report losing trust in a business after a data breach. News about breaches can harm a brand’s reputation, especially in competitive markets.
Businesses violate compliance laws by not taking security measures
Failure to implement robust security measures can lead to violations of data protection laws, and the penalties are more severe in some jurisdictions. In the EU, GDPR fines can go up to the equivalent of $21 million in euros or 4% of the business’s annual turnover worldwide. What’s more, breaches can trigger lawsuits from customers or partners whose data was compromised.
Prevention costs less than security breach consequences
Fixing security issues after an incident is often more expensive than implementing preventive measures. After an attack, businesses often face higher costs for emergency IT services, audits, and updated infrastructure. Additionally,premiums may increase following an incident, adding to operational costs.
Businesses that don’t invest in security find it harder to compete
Failing to invest in security leads to outdated systems, making it harder to compete in a tech-driven market. Competitors with robust security measures are likely to retain and attract more customers.
Next steps: Taking action
Steps to take include performing regular audits, investing in security, and training staff. The best course of action is to identify and address potential vulnerabilities before they are exploited. Businesses should purchase firewalls, encryption, multi-factor authentication, and intrusion detection systems. Training employees to recognize phishing and other social engineering attacks would be very helpful. Finally, maintaining regular backups and testing disaster recovery protocols is of paramount importance.