.webp)
About this report
The “Third annual IT disaster and cyber recovery trends and insights report” is written by Cutover, supported by Insight Avenue. The report’s findings are based on a survey of IT decision makers and influencers at major corporations, conducted in March and April of 2025. The 300 respondents represent 10 sectors (financial services, technology, manufacturing, healthcare, transportation, energy, public sector, telecommunications, pharmaceuticals, and media) and two countries (the U.S. and the U.K.). Nearly half are Director level or C-level, with the remainder working as senior managers or disaster recovery specialists. Approximately one-quarter work in enterprises with 10,000 or more employees, while the remainder work in mid-sized (1,000-4,999 employees) to large (5,000-9,999 employees) businesses. The report supplements the survey findings with secondary research. Cutover would like to thank the participants for their time and insights.
Executive Summary
Organizations are grappling with a critical and growing gap in IT resilience, characterized by increasing disruptions and slower recovery times, largely due to outdated disaster recovery plans and a persistent reliance on manual processes. This exposes enterprises to significant systemic risks, including regulatory penalties and financial losses, as many fail to meet crucial Recovery Time Objectives (RTOs) for mission-critical applications. However, the anticipated integration of agentic AI and automation promises to revolutionize disaster recovery, offering a clear path to enhanced resilience and a significant competitive edge.
Cutover, supported by Insight Avenue, surveyed IT executives, decision makers, and influencers located in the U.S. and U.K. Our research found the following trends and insights:
The widening resilience gap and increasing recovery times
Organizations are struggling with a concerning trend: increasing IT disruptions coupled with slower recovery times, particularly evident in cybersecurity, where 77% report slower cyber attack recovery year-over-year. This slowdown stems from outdated disaster recovery plans that fail to keep pace with evolving threats, with most enterprises not regularly updating their strategies. The persistent reliance on manual processes introduces significant human error and operational vulnerabilities, directly contributing to delayed recoveries. Consequently, over two-thirds of enterprises view regulatory penalties and the inability to recover from cyber attacks as major risks due to these outdated procedures.
Cyber, cloud, and regulation: A perfect storm
Organizations face a growing challenge from rising cloud outages and cyber threats, yet nearly half still struggle to adapt traditional disaster recovery strategies to the cloud's unique demands, creating a critical resilience gap. This vulnerability is increasingly addressed by new regulations like DORA, which act as catalysts for significant DR improvements. These mandates compel organizations to enhance operational resilience, particularly concerning risks from third-party IT providers, forcing them to fortify DR capabilities against external dependencies and ensure rapid recovery from disruptions.
The RTO reality check: A systemic risk
Many organizations are failing to meet mission-critical Recovery Time Objectives (RTOs) for their most vital applications, with only a 64% success rate. This widespread failure, affecting over one-third of critical systems, introduces significant systemic risks, including severe reputational damage, substantial financial loss, and widespread operational disruption. Clearly, there's an urgent need for more robust, well-tested, and highly visible IT resilience strategies.
Disaster recovery automation: The next differentiator
AI is set to revolutionize disaster recovery (DR), with nearly all organizations anticipating its impact within the next few years. There's significant excitement for agentic AI, as most expect it to transform both the design and execution of DR plans through automated decision-making, rapid root cause analysis, and self-healing capabilities. While challenges like skill gaps and compliance remain, early AI adoption in DR promises a substantial competitive advantage.
Agentic AI: Game changer on the horizon
AI is poised to fundamentally transform disaster recovery (DR), with nearly all organizations anticipating its impact within the next two to three years and strong enthusiasm for the opportunities it presents. Agentic AI is expected to revolutionize both the design and execution of DR plans, enabling automated decision-making, rapid root cause analysis, and even self-healing systems. Despite this immense potential, challenges like the need for specialized skills, vendor readiness, and compliance issues must be overcome for widespread adoption. Ultimately, early adopters of AI in DR stand to gain a significant competitive advantage in the market.
Inaction's High Cost: The Growing Risks to IT Resilience
Many organizations are dangerously unprepared for IT disruptions, with a concerning 31% failing to update their disaster recovery (DR) plans in over a year. This widespread inaction leaves enterprises vulnerable to severe consequences, including significant regulatory penalties, the inability to recover from devastating cyber attacks, and irreversible reputational damage.
As 2025 approaches, it's critical for businesses to act decisively, addressing both outdated strategies and persistent reliance on manual processes that hinder effective recovery. A positive shift is underway; however, with over 40% of enterprises planning to automate manual DR tasks and post-event reporting in the next 12 months, a proactive step towards building essential resilience.
Introduction
For enterprises today, maintaining smooth IT operations is becoming increasingly challenging, primarily because of a widening gap in system resilience. Our survey reveals a concerning trend: IT disruptions and outages are escalating, and the recovery time for these incidents is simultaneously lengthening. This struggle is acutely felt in cybersecurity, with a significant 77% of organizations reporting slower cyber attack recovery than last year. This critical slowdown is no accident; it stems directly from stagnating disaster recovery (DR) plans unable to keep pace with an accelerating threat landscape.
This escalating challenge is underscored by the fact that most technology executives have experienced some degree of IT-related business disruption recently. The consequences of this widening resilience gap are severe and systemic, as organizations struggle to meet crucial Recovery Time Objectives for their most vital applications. This widespread failure leads to significant reputational damage, financial loss, and widespread operational disruption, highlighting a critical need for more robust DR strategies despite existing automation efforts.
This report delves into these critical challenges, but also illuminates a clear path forward. There is growing momentum towards automating manual DR tasks and post-event reporting, complemented by the transformative potential of Agentic AI. These advancements represent not just a solution to current vulnerabilities but a strategic imperative for building truly resilient operations, driving efficiency, and securing a competitive advantage in tomorrow's digital landscape.
The Widening Resilience Gap
Many organizations are facing a critical challenge: persistent IT disruptions paired with slower recovery times. The survey findings indicate a concerning trend where, year-over-year, disruption levels continue to rise while the time it takes to recover from these incidents increases. This is particularly evident in the realm of cybersecurity, where a significant 77% of organizations report that their cyber attack recovery is slower than it was last year.
This slowdown isn't happening in a vacuum; it's often a direct result of stagnating plans failing to keep pace with accelerating threats. Despite the rapid evolution of cyber risks and other disruptive events, many disaster recovery strategies remain outdated, leaving businesses vulnerable. Only 20% of enterprises are constantly reviewing and updating DR plans, while 31% haven’t updated their plans in more than 12 months. Compounding this issue is the persistent human factor and operational vulnerability, as a continued reliance on manual processes introduces significant risk and contributes to the overall slowdown in recovery efforts. Over two-thirds, or 64%, of enterprises view compliance and regulatory penalties and inability to recover from cyber attacks as the top two risks of outdated DR procedures.
Cyber, cloud, and regulation: A perfect storm
89% of leaders acknowledge disaster recovery as a key focus for their cloud environments
Organizations are grappling with the growing challenge of rising cloud outages and cyber threats, experiencing an increasing frequency and impact from these disruptive events. While 89% of leaders acknowledge disaster recovery as a key focus for their cloud environments, a significant hurdle remains: 48% still struggle to adapt their traditional on-premises disaster recovery strategies to the unique demands of cloud environments. This creates a critical gap, leaving many vulnerable despite recognizing the importance of cloud resilience.
This deficit is further compounded by a "perfect storm" of escalating cyber threats, the complexities of cloud adoption, and mounting regulatory pressure. New mandates, such as the Digital Operational Resilience Act (DORA), are increasingly serving as powerful catalysts. These regulations compel organizations to enhance operational resilience, particularly in addressing risks associated with third-party information and communication technology (ICT) providers, thereby forcing a critical re-evaluation and fortification of DR capabilities against external dependencies.
Regulatory Catalysts: The role of new regulations (e.g., DORA) in driving DR process improvements, especially concerning third-party ICT. 57% of financial institutions are including ICT third parties in DR testing for DORA law.
The RTO reality check: A systemic risk
Only 64% success rate for mission-critical application RTOs.
Despite best efforts, many organizations face alarming mission-critical Recovery Time Objectives (RTOs), with a concerning statistic revealing only a 64% success rate for their most vital applications. The consequences of this failure are severe, introducing systemic risks when over one-third of critical systems fail to recover within their designated timeframe. This directly impacts the business, leading to significant reputational damage, substantial financial loss, and widespread operational disruption, underscoring the urgent need for more robust and reliable recovery strategies. There’s an urgent need for robust, well-tested, and highly visible IT resilience strategies.
Download the report to get full access to more 2025 trends and insights.
.webp)
