Securing IT During the Pandemic: Report Reveals Cyber-Readiness Challenges

Six months ago, as organizations around the world responded to the COVID-19 pandemic, they experienced a seismic shift in the way they do business. Entire offices suddenly emptied as employees shifted to remote work. Meanwhile, IT teams were faced with the challenges that come with facilitating that transition – new cybersecurity demands, new devices connecting to corporate networks, new privacy concerns and new budgetary concerns that arise from everything else.

To gauge how well IT teams faced this experience – where they were best prepared to meet the migration and where there were areas for improvement – Acronis surveyed 3400 IT managers and remote workers from 17 countries around the world in June and July 2020 about the threats, challenges and trends they’ve seen since switching to remote work.

The results of the first-ever Acronis Cyber Readiness Report were just published in advance of the Acronis Global Cyber Summit 2020, happening virtually October 19-21.

The insights uncovered by the global business community’s IT pros are a wake-up call for securing valuable corporate data and systems – now and into the future.

Key takeaways:

  • Nearly half of all organizations struggled to instruct and secure remote workers
  • 31% of global companies are attacked by cyber-criminals at least once a day. The most common attack types are phishing attempts, DDoS attacks and videoconferencing attacks
  • 92% of global organizations had to adopt new technologies to complete the switch to remote work. As a result, 72% of global organizations saw their IT costs increase during the pandemic
  • Attacks remain frequent, despite increased tech spending, because organizations aren’t prioritizing defensive capabilities properly

The challenges of protecting remote employees

Transitioning an organization from an office environment to remote work inevitably creates challenges. In response to the pandemic, the most daunting of these challenges was based around enabling and securing remote employees.

More than half of the businesses surveyed (54.7%) recognized enabling and instructing employees about remote work as their top challenge, while 49.7% reported that securing those remote environments proved to be the most frustrating.

These results echoed what remote workers said in responding to the Acronis survey. Those employees reported that 47% of IT teams didn’t provide adequate guidance about the transition to remote work.

With both sides of the organization highlighting communication and enablement as a pain-point in this process, it’s easy to identify it as an opportunity for improvement for future mass migrations. What’s more, given the increased cyber-threats that organizations face in remote environments, overcoming these challenges should be a key goal for organizations moving forward.

31% of Organizations Experience Daily Cyber-Attacks

With the chaotic nature of the remote work migration earlier this year, cyber-criminals saw a golden opportunity to attack organizations rushing to protect corporate devices on a wide array of home networks that were almost universally less defended.

The Acronis Cyber Readiness Report revealed that 31% of organizations are attacked by cyber-criminals at least once a day. Nearly 10% of those organizations are attacked once per hour.

Of those cyber-attacks, the most commonly seen are phishing attempts (53.4%), DDoS attacks (44.9%) and videoconferencing attacks (39.5%) all of which try to leverage employee confusion and new technology to cripple organizations as they try to maintain themselves in dramatically different environments.

New Technologies for Collaboration and Security

In response to the remote work migration, and the significant increase in cyber-attacks that followed it, 92% of IT teams around the world brought new technologies into their corporate stack to facilitate better collaboration, accessibility, privacy and security.

The most highly adopted tech categories following the transition to remote work were:

  • Workplace collaboration tools (Zoom, Webex, Teams) and corporate file sync and share solutions (63.8%) 
  • Privacy tools (VPN, encryption) (52.1%) 
  • Endpoint cybersecurity solutions (anti-virus, two-factor authentication, vulnerability assessments, patch management) (46.9%) 

Due to these investments, nearly 75% of organizations saw their IT costs rise during the pandemic. Only one in five organizations were able to keep IT costs unchanged. Despite these new technologies and this increased IT spending, cyber-attacks remain a clear and present threat to organizations.

Organizational Priorities Do Not Match Modern Threats

When investing in new technologies during the pandemic lockdown, IT teams focused heavily on solutions that would deliver anti-malware and anti-virus capabilities. For nearly half of the organizations surveyed (43%), this capability was their top priority.

Meanwhile, phishing attempts reached their peak of popularity and URL filtering technologies that could have prevented them from costing precious time and money were only a priority for 2% of organizations.

This suggests that organizations were guided in their purchasing decisions by an outdated perspective of the cyber-threat landscape. Beyond this, the capability prioritization they reported in this survey speaks to a broader issue with traditional data protection and cybersecurity solutions. IT teams are trained to view challenges, issues and threats to their environments on a case-by-case basis and – as a result – build complex patchworks of solutions to solve problems as they emerge.

In the modern digital world, where cyber-threats are increasingly sophisticated, company networks are increasingly complex, and the cost of downtime is higher than ever, this approach to security and protection doesn’t work anymore.

Modernizing Cybersecurity and Data Protection

Replacing the outdated separation of IT operations and cybersecurity is at the core of what IDC has called the “new IT discipline of cyber-protection.” The concept, introduced by Acronis in 2018, integrates data protection with AI-enhanced cybersecurity – unifying the capabilities of both to improve an organization’s cybersecurity posture, reduce the complexity of management and licensing, and lowers the total cost of ownership (TCO) – all of which enable organizations post-pandemic to stay agile and enhance both productivity and security in remote work environments.

The global pandemic threw into sharp relief how complicated securing IT has become in recent years – how maneuvering a modern IT stack to support a sudden, dramatic shift to remote working can leave many unprepared and at risk. The Acronis Cyber Readiness Report illustrates a serious challenge for businesses around the world.

For organizations to be better prepared for the next upheaval, they need to focus on strategies and solutions that are designed to be highly adaptable, integrated and proactively protective. Simply put: they need cyber-protection.

Anyone interested in learning about the latest advances in cyber-protection strategies and solutions will have the opportunity to join the Acronis Global Cyber Summit 2020 for free. There will be more than 30 sessions in four distinct conference tracks, including technical training and certification sessions. The full event agenda and scheduled speakers are available on the Acronis Global Cyber Summit page.

For a look at the full Acronis Cyber Readiness Report, download your copy here.

Brought to You by

What’s Hot on Infosecurity Magazine?