Extra tags: data loss
Acronis, the world's leading cyber security company, has issued its annual Cyber Protection Week Global Report 2022, which coincides with World Backup Day this year. The report, which polled over 6,200 IT users and IT managers from small businesses to corporations in 22 countries, uncovers some of the most serious flaws in cyber security policies today, examines why they're showing up, and provides advice on how to repair them.
Last year, they discovered that 80% of businesses used up to ten data protection and cybersecurity solutions at the same time, and that more than half of them experienced downtime due to data loss. Clearly, more options do not imply more safety.
While 78% of organisations run up to ten distinct solutions globally, 76% of organisations experienced downtime due to data loss this year, up 25% from 2021. System problems (52%), human error (42%), cyberattacks (36%), and insider attacks all contributed to this outage (20%).
As a result, 61% of global organisations’ IT teams now report a preference for integrated solutions that replace their complicated stacks of cybersecurity and data protection tools with a single, unified console.
“As the entire world is increasingly at risk from different types of attacks, accelerating to universal all-in-one solutions is the only way to achieve truly complete cyber protection. And that’s precisely the problem Acronis has set out to solve,” says Candid Wuest, Acronis V.P. of Cyber Protection Research. “Attackers don’t discriminate when it comes to means or targets, so strong and reliable security is no longer an option, it’s a necessity.”
Overconfidence as a trend: IT teams are overselling their readiness
We’ve traced another worrying trend that is responsible for cyberdefenses lowering and increasing IT security budgets:
-
70% of organisations’ IT managers claim to have automated patch management. However, based on any reliable industry research, only a handful of companies follow the 72-hour “golden time” for patch management.
-
82% also claim to have ransomware protection and remediation. Yet, successful attacks occur weekly and the size of ransom demands grows each year.
-
20% claimed to be testing backup restoration weekly. Again, not consistent with any other industry-issued data.
It seems that IT managers are trying to appear better prepared than they are; but that is, in turn, misleading their managers, boards of directors, industry analysts and customers.
However, suppose the overwhelming majority of IT managers indeed have these solutions. In that case, they aren’t using them right: they have simply stocked their IT stacks with all of the recommended cybersecurity technologies — spending more money in vain.
Acronis' findings prove that organisations are spending more on IT security this year, but when we compare it to their overall IT budget, it becomes clear – organisations are still treating cyber protection as a “nice-to-have” not as a “must-have”:
-
Half of organisations globally allocate less than 10% of their overall IT budget on IT security.
-
Only 23% of organisations globally are investing over 15% of their overall IT budget in security — even despite the increasingly threatening cyber landscape.
Pandemic-driven spike in awareness proves temporary
Frequent backups that were fuelled by the shift to remote work are over: a third of IT managers only back up weekly, while another 25% back up monthly. Use of backup best practices is declining across the board — only 15% of organisations’ IT teams adhere to them.
Same as last year, 10% of IT managers still aren’t sure if their company is subject to any data privacy regulations — proving that IT managers, like IT users, get stuck in their ways.
According to Acronis study, 86% of organisations worldwide are concerned about the possibility of escalating politically-motivated cyberattacks as the geopolitical climate worsens – but their fear does not transfer into improved cyber security.
Bottom line: For years, professional IT teams have depended on obsolete practises that are now actively failing them. A comprehensive, easy-to-follow approach is required to achieve more dependable, holistic protection for data, applications, and systems – one that combines cybersecurity, data protection, and management into one solution.
Users are concerned about cyberthreats, but their backup habits haven't altered.
Only one in ten users backs up daily, while 34% of users back up on a monthly basis — a staggering 41% of users back up rarely or never. Still, 72% of users had to recover from backup at least once in the past year (33% — more than once). Meaning that some of the users who chose not to back up have permanently lost their data:
-
43% of users update a week or more after an update release — of those, 7% take more than a month to perform these recommended updates. A decline in response time compared to 2021.
-
While only 12% of users are following the recommended hybrid model of cloud and local backup storage, users have doubled down on cloud backup: for 4 years, we saw local backups shrinking from 62% in 2019 to 33% in 2022 — at the same time cloud backups jumped from 28% to 54%.
-
66% of users would not know or be able to tell if their data had been modified.
-
43% of users are not sure if their anti-malware solutions could protect against new and emerging cyberthreats.
They observe a significant difference in how businesses and individuals approach cyber security in theory and practise. Acronis offers several products that can help close that gap, including Acronis Cyber Protect, which over 20,000 service providers utilise to protect over 750,000 enterprises.