With the ongoing COVID-19 pandemic continuing to cripple businesses worldwide, with previous Acronis research showing more than 80% of global companies admitted they were not prepared to switch to remote work, with IT infrastructure suffering, 2021 has also proven to be an even bigger security challenge.
Ahead of next week’s Acronis #CyberFit Summit World Tour 2021 kicking off in Miami, Florida on October 25-27 with a hybrid event, the launch of the detailed, 20-page Cyber Readiness Report 2021 has a range of alarming findings that need immediate action to solve.
Candid Wuest, Acronis VP of Cyber Protection Research said: "The cybercrime industry proved to be a well-oiled machine this year – relying on proven attack techniques, like phishing, malware, DDoS and others. Threat actors are increasingly expanding their targets, while organisations are held back by the growing complexity of IT infrastructure.
"Only a small number of companies have taken the time to modernise their IT stack with integrated data protection and cybersecurity. The threat landscape will continue to grow and automation is the only path to greater security, lower costs, improved efficiency and reduced risks."
Some of the key findings of the global report show that:
- 53% of global companies exhibit a false sense of security when it comes to supply chain attacks – despite cases of Kaseya and SolarWinds
- 3 out of 10 companies report facing a cyberattack at least once a day. Only 20% of companies reported not getting attacked – a drop from 32% in 2020
- The most common attack types at record-high levels this year: phishing attacks – faced by 58% of respondents, malware attacks – 36.5%, an increase from 22.2% in 2020
- The demand for URL filtering solutions has grown 10 times since 2020 – still, only 20% of global companies fully recognize the danger of phishing
- Yet, nearly half of IT managers (47%) are not using MFA solutions – leaving their businesses exposed to phishing attacks
- The demand for antivirus has grown from 43% last year to 73.3% in 2021, while the demand for an integrated backup/disaster recovery with antivirus solutions more than doubled – from 19% last year to 47.9% in 2021. Time of standalone solutions is over
- 1 in 4 remote employees reported struggling with the lack of IT support as one of the key challenges they faced this year
- 1 in 4 remote employees are not using MFA – while 1 in 5 remote employees gets heavily targeted by phishing attacks, receiving well over 20 phishing emails per month.
Here's some more detail:
Attacks growing in volume and sophistication
Three out of 10 companies report facing a cyberattack at least once a day – similar to last year; but this year, only 20% of companies reported not getting attacked – a drop from 32% in 2020, meaning that the attacks are increasing in volume.
- The most common attack types reached record-high levels this year, including phishing attacks – that continue to grow in frequency, and are now the top attack type at 58%. Malware attacks are also increasing in 2021: detected by 36.5% of companies this year – an increase from 22.2% in 2020.
- However, this year was the year of phishing: the demand for URL filtering solutions has grown 10 times since 2020 – with 20% of global companies now recognizing the danger phishing presents to their business.
- Despite growing awareness of multi-factor authentication (MFA), nearly half of IT managers (47%) are not using MFA solutions – leaving their businesses exposed to phishing attacks. According to these findings, they either see no value in it or consider it too complex to be implemented.
In response, organisations worldwide have begun to prepare for the growing threats – but for every step companies are taking, cybercriminals have already taken three.
- The demand for antivirus solutions has grown by 30% – from 43% last year to 73.3% in 2021. However, companies are just discovering that standalone antivirus solutions no longer work against modern threats: Acronis saw the demand for an integrated backup/disaster recovery with antivirus solutions more than double – from 19% in 2020 to 47.9% this year.
- Demand for vulnerability assessments and patch management grew significantly: from 26% in 2020 to 45% this year. This can be attributed, in part, to the increased volume of vulnerabilities exposed this year in critical and in-core software deployments such as Microsoft Exchange servers, Chrome browsers or Apache webservers.
- Not surprisingly, the demand for better and more secure remote monitoring and management tools grew over three times – 35.7% this year, up from 10% in 2020. With remote work now being recognized as a long-term default format of work, it's more important that ever for IT managers to be able to monitor and manage a wide range of remote devices.
Remote employees make the most attractive targets
These Acronis findings and external research clearly illustrate why organizations need a cyber protection solution that reduces complexity and improves security to support remote work environments, and that this solution must be cost-effective in order to address the increased scale of the remote workforce.
- One in four remote employees reported struggling with the lack of IT support as one of the key challenges they faced this year. The top-three tech challenges identified by remote employees globally: Wi-Fi connectivity, using a VPN and other security measures, lack of IT support.
- One in four remote employees are not using multi-factor authentication – making them easy phishing targets, with phishing being the most common attack type in 2021.
- On average, one in five remote employees gets heavily targeted by phishing attacks, receiving well over 20 phishing emails per month – with 71% of respondents confirming being targeted by it each month. Learning to identify such attacks through cybersecurity awareness training is crucial in keeping organizations protected, and personal assets as well.
- Acronis has seen attackers aggressively expanding their target pool – it is no longer just Microsoft Windows OS based workloads – where users reported a spike in attacks against Linux, MacOS, Android and iOS devices as well. Attackers are also going after virtualized environments more often.
- Unfortunately, cybercriminals don't need to be tech-savvy to create chaos anymore – take malware for example. Cybercriminal gangs have further expanded their malware-as-a-service model, that provides step-by-step guides on how to make a profit out of compromising targets.
Yet despite the growing dangers for employees, remote work is here to stay; Acronis says people will continue to work and hire remotely, and that's the reality most IT teams still need to get ready for: finding a solution to hardware shortages, increased complexity, an increased need for IT support and better cybersecurity solutions. This is an existential crisis companies must prepare for now – the potential costs for not doing so are just too great.
Platform with deeper industry insights
Remote work is here to stay, and so are increasingly sophisticated cyberattacks. So it's up to both the organization and the individual to follow the best cyber protection practices available.
There is also an APAC regional “deep dive” document here.
Acronis' report explores in detail:
- What new challenges do IT leaders and managers struggle with the most.
- What key IT infrastructure vulnerabilities caused the most damage across all industries in the past year.
- How many cyberattacks do large businesses, SMBs, and consumers truly face on a daily basis.
- What types of attacks cybercriminals favor – and which they will focus on next year.
- How ready are employees to switch to permanent remote work – compared to last year.
Acronis conducted an independent research study which surveyed 3,600 IT managers and remote workers across 18 countries, with the findings providing a clear picture of modern cybersecurity needs, how the business world will cope with remote work further, the changed cyber landscape – and how it will evolve from here.
Acronis #CyberFit Summit World Tour 2021:
If you are keen to learn more about cybersecurity pain points and available solutions for businesses, Acronis is holding #CyberFit Summit World Tour 2021 as a hybrid in=person and virtual event, kicking off in Miami, Florida on October 25.
As you'd expect, Acronis says the summit enables you to:
- Attend result-focused virtual sessions for free and hear world-class experts explain strategies and deployment options for cyber protection
- Enhance your MSP business's cyber protection capabilities with advice from top IT channel, cybersecurity, and industry experts
- Hear exclusive case studies of successful, profitable and scaling MSPs and MSSPs
- Learn how to grow your business with cybersecurity-forward services
- Join hands-on, interactive workshops; insightful panels and breakouts; and inspirational keynotes – while enjoying numerous IT channel networking opportunities.
You can register to attend the Acronis #CyberFit Summit World Tour 2021 virtually here.
The Cyber Readiness Report 2021 is available to download here.