The survey also found nearly one third of organizations have had to implement part of their DR plan in the past year. The reasons for this vary, but include hardware and software failure (36 percent); external security threats (28 percent); power outage/failure/issues (26 percent); natural disasters (23 percent); IT problem management (23 percent); data leakage or loss (22 percent); and accidental or malicious employee behavior (21 percent).
"People think of disasters like flooding, terrorist attack etc when thinking of DR," said Bunker. "But it is also a disaster if you lose data and end up on the front page of the news."
"DR planning now has to take into account data loss," Bunker added. "We are seeing data loss crisis teams being set up in organizations. Customers are generally understanding when it comes to natural disasters, such as flooding. But with data loss, customers are not at all understanding, and people are much less tolerant of data loss."
"So you end up with a crazy situation where losing a laptop is much more of a danger than losing a data center, which sounds completely daft," he said.
Meanwhile, 93 percent of IT organizations say they have tested their disaster recovery plan since it was created, yet 30 percent of those tests are not fully successful - which is an improvement from 50 percent failed tests in 2007. Only 16 percent say that DR tests have never failed.
The survey also found that fewer and fewer C-level executives are involved in the planning of disaster recovery, which Bunker said was "short sighted." In 2007, 55 percent of respondents said their DR committees involved the CIO, CTO, or IT director. But this fell to only 33 percent worldwide in 2008.