Cyberdefenses weaken amid IT’s ‘overconfidence’

Four in every five (80%) of organisations ran as many as 10 solutions simultaneously for data protection and cybersecurity in 2021, but more than half of them suffered downtime because of data loss, according to Acronis International.

The Singapore-based company’s Cyber Protection Week Global Report 2022 covers a survey of more than 6,200 IT users and IT managers from small businesses to enterprises across 22 countries.

Finding show that more solutions do not translate into more protection. Globally, there was a 25% in the number of organisations that experienced downtime due to data loss compared to 2021.

This downtime stemmed from a number of sources, including system crashes (52%), human error (42%), cyberattacks (36%) and insider attacks (20%).

Three in every five (61%) of global organisations’ IT teams now report a preference for integrated solutions that replace their complicated stacks of cybersecurity and data protection tools with a single, unified console.

Acronis flags a trend of overconfidence, saying that IT teams are overselling their readiness, which is responsible for cyberdefenses lowering and increasing IT security budgets.

Among IT managers, 70% claim to have automated patch management. However, based on any reliable industry research, only a handful of companies follow the 72-hour “golden time” for patch management.

Also, 82% claim to have ransomware protection and remediation. Yet, successful attacks occur weekly and the size of ransom demands grows each year.

“It seems that IT managers are trying to appear better prepared than they are, but that is, in turn, misleading their managers, boards of directors, industry analysts and customers,” said Acronis.

Findings also show that organizations are spending more on IT security this year. But when compared to their overall IT budget, firms are still treating cyber protection as a “nice-to-have” not as a “must-have.”

Half of organisations globally allocate less than 10% of their overall IT budget on IT security.

Only 23% of organisations globally are investing over 15% of their overall IT budget in security — even despite the increasingly threatening cyber landscape.

Acronis also observed that the pandemic-driven spike in awareness have proven to be temporary.

Frequent backups that were fuelled by the shift to remote work are over, with a third of IT managers only back up weekly, while another 25% back up monthly.

Further, users show concern over cyberthreats, but backup habits remain unchanged.

Only one in ten users backs up daily, while 34% of users back up on a monthly basis. Worse, 41% of users back up rarely or never. 

Still, 72% of users had to recover from backup at least once in the past year. This means that some of the users who chose not to back up have permanently lost their data.