Acronis, a leading provider of cyber protection solutions, has released its annual 2022 Cyber Protection Week Global Report. 76 percent of companies stated that they were struggling with downtime and data loss in 2021. The main reasons for this were system crashes, human errors and cyber attacks.
The survey, which surveyed over 6.200 IT users and IT managers from small and medium-sized businesses from a total of 22 countries, uncovers some of the most critical shortcomings in today's cyber protection practice, examines their causes and offers recommendations on how to fix them can be fixed.
80 percent of companies use up to protection solutions
One of our key insights from last year was that 80% of the companies surveyed use up to ten data protection and cyber security solutions at the same time. And yet more than half of the companies experienced downtime due to data loss. This makes it clear that more solutions do not automatically lead to more protection.
This year, that trend has intensified: while 78% of global organizations are using up to 76 different solutions, 25% of organizations still experienced downtime due to data loss — a 2021% increase from 52. This downtime is due to a range of causes, notably system crashes (42%), human error (36%), cyber attacks (20%) and insider attacks (XNUMX%).
Integrated cyber protection solutions are preferred
As a result, 61% of enterprise IT teams surveyed now say they prefer integrated cyber protection solutions that replace their previous complicated set of multiple cyber security and data protection tools and all from a single, unified console can manage from.
"Since the entire IT world is increasingly threatened by various attacks, only a quick switch to corresponding universal all-in-one solutions can guarantee truly comprehensive protection; and that is exactly the mission that Acronis is committed to, an integrated cyber protection solution,” said Candid Wuest, vice president of cyber protection research at Acronis. “The attackers have no scruples when it comes to means or ends. Therefore, strong and reliable security is no longer an option, but a necessity.”
IT teams overestimate their own preparedness
We've uncovered another worrying trend responsible for cyber defense weaknesses and rising IT security budgets:
- 70% of enterprise IT managers said they have automated patch management in place. However, according to reliable industry research, only a handful of companies follow the golden rule of 72 hours for patch management.
- 82% also say they have a solution in place to protect against (and fix) ransomware attacks. However, successful attacks occur weekly and ransom demands increase every year.
- 20% claim they test backup recoverability on a weekly basis. Again, this does not agree with other data published by the industry.
It seems that many IT managers want to appear more prepared than they actually are. However, this means that their managers, directors and customers, as well as outside industry analysts, are misled.
However, if the vast majority of IT managers actually have such solutions at their disposal, they are not using them correctly: they have simply topped up their IT portfolio with the cyber security technologies that have just been recommended - and have spent their money rather in vain.
IT budgets are unevenly distributed
Our survey results show that companies are spending more on IT security this year. On the other hand, a comparison with the corresponding overall IT budgets quickly makes it clear that comprehensive cyber protection is still seen more as a “nice-to-have” than a “must-have”:
Half of the companies surveyed worldwide spend less than 10% of their total IT budget on IT security.
Just 23% of companies invest more than 15% of their total IT budget in IT security - despite the increasingly dangerous cyber landscape.
Pandemic safety awareness was temporary
The trend towards more frequent backups, probably triggered by the obligation to work from home, has reversed again: a third of IT managers back up only once a week, and a quarter even only monthly. Adoption of backup best practices has been declining across the board - only 15% of enterprise IT teams are complying.
As in 2021, even 10% of IT managers are unsure whether their company is subject to any data protection regulations. This is further evidence that many IT managers (as well as IT users) are not in the know.
Additionally, according to our study, 86% of global businesses are concerned about the increasing threat of politically motivated cyberattacks, which in turn are being caused by the deteriorating geopolitical climate. However, this concern does not lead to improvements in their cyber protection measures.
The bottom line is that the traditional approaches that professional IT teams have followed for years are no longer working. In order to achieve reliable, holistic protection for all data, applications and systems, a comprehensive and user-friendly approach is required that combines cyber security, data protection and management functionalities in one solution.
Despite concerns about cyber threats, backup habits are unchanged
Only one in ten users backs up daily, 34% of users only back up their data once a month - and a staggering 41% rarely or never do so. However, 72% of the users surveyed had to restore a backup at least once in the past year (33% even had to restore it more than once). Conversely, this means that some of the users who decided not to back up lost their data permanently:
- 43% of users take at least a week to roll out an update after it's released - and 7% of them even take over a month to roll out recommended updates. This is a decrease in response time compared to 2021.
- While only 12% of users follow the recommended hybrid backup model (a combination of cloud-based and on-premises backup storage), the number of those using cloud backup has roughly doubled: over 4 years (from 2019-2022) we saw local backups drop from 62% to 33%. But at the same time, cloud backups increased from 28% to 54%.
- 66% of users couldn't tell if their data was changed or not.
- 43% of users are unsure whether their antimalware solutions can protect them against new or future cyber threats.
We see a massive disconnect in the way organizations and individuals approach cyber protection in theory—and then in practice. Acronis offers a range of solutions to help bridge this gap, including Acronis Cyber Protect, used by over 20.000 service providers to protect more than 750.000 businesses.
Additional global and regional insights of this kind can be found in the Acronis Cyber Protection Week Global Report 2022 and Acronis offers regional in-depth studies ("Deep Dives") free of charge on the website.
More at Acronis.com
About Acronis Acronis sets the standard in cyber protection with its innovative solutions for backup, ransomware prevention, disaster recovery, storage and EFSS (Enterprise File Sync & Share). Supported by its AI-based Active Protection technology, blockchain-based file authentications and a unique hybrid cloud architecture, Acronis secures all data in all common environments - whether physical, virtual, cloud or mobile device applications - at low and predictable costs and workloads. Founded in Singapore in 2003 and headquartered in Switzerland since 2008, Acronis today employs more than 1.500 people at 33 locations in 18 countries. Its solutions are now trusted by more than 5 million customers and 500.000 companies worldwide - including 100% of the Fortune 1000 companies. Acronis products are available from 50.000 partners and service providers in over 150 countries and in more than 30 languages.