One thing we know for sure following the events of the last 12 months is that society is now inherently reliant on digital. In a world ruled by data, where citizens are dependent on access and reliable connectivity, individuals, institutions and industries at large can no longer afford to be blasé when it comes to data protection.
This week (29 March) marked the publication of the second annual Cyber Protection Week Survey by Acronis, and this year’s study uncovered some worrying findings about the state of cybersecurity in businesses today.
Among the most impactful findings of the report is the confirmation that the deployment of more solutions does not amount to better protection; a conundrum study authors have called the ‘post-pandemic paradox’.
“This year’s Cyber Protection Week survey clearly illustrates that more solutions do not deliver greater protection, as using separate tools to address individual types of exposure is complicated, inefficient and costly” – Serguei Beloussov, Acronis
Drawing on insights from 4,400 IT users and professionals in 22 countries across six continents, researchers discovered a clear discrepancy between organisational understanding surrounding the importance of data protection and the ineffective or insufficient cybersecurity investments companies have made.
According to the data, while 80% of organisations are simultaneously running up to 10 different protection and cybersecurity solutions, more than 50% still experienced downtime from data loss last year. This is a major cause for concern, since the COVID-driven acceleration of digitisation and the global shift to remote working means businesses and citizens at large are now much more vulnerable to cyber threats if their security measures are not up to par.
“This year’s Cyber Protection Week survey clearly illustrates that more solutions do not deliver greater protection, as using separate tools to address individual types of exposure is complicated, inefficient and costly,” said Serguei ‘SB’ Beloussov, founder and CEO of Acronis. “These findings confirm our belief that the smarter approach is cyber protection, which unifies data protection, cybersecurity and endpoint management in one.”
The study shows that implementing more solutions is not only ineffective when it comes to securing networks, but also that, in many cases, trying to manage protection across multiple solutions increases complexity and lowers visibility for IT teams which ultimately heightens risk. Employing multiple solutions at the same time means those responsible for their management must remember which solution provides a particular data point, also forcing them to switch between consoles to source the required information, which can lead to inefficiencies and missed insights.
Lack of cyber awareness complicates issues
The report also highlights a considerable gap in awareness of the IT services and cybersecurity capabilities that are available to IT users and professionals, which can result in a loss of valuable time, money and, crucially, security.
Sixty-eight percent of IT users and 20% of IT professionals who participated in the survey claimed they would not know if their data had been modified because it’s not easy to identify that kind of activity with the solution they use.
Additionally, 43% of IT users don’t know if their anti-malware is equipped to tackle zero-day threats (meaning they haven’t been seen before and don’t match any known malware signatures) because their solution doesn’t make that information easily available – but having easily accessible insights such as these is central to ensuring data protection.
On top of this, a staggering 10% of IT professionals have no idea whether their organisation is subject to data privacy regulations. This is a notable issue because the parties responsible for data privacy can’t implement effective strategies to ensure requirements are met, let alone evaluate solutions that could rectify issues, if they don’t even know they’re culpable. This level of ignorance is a major risk to businesses, exposing them to significant fines for potential compliance violations.
Lacklustre IT users
This worrying trend is also evident among IT users, with the report revealing that many are far too laid back when it comes to matters of data protection.
Only half of IT consumer participants surveyed said they had taken extra steps to protect their devices, despite 83% acknowledging that they have spent considerably more time using such technologies over the past year. Additionally, 33% admitted to not updating their devices until at least seven days after being notified of a patch.
Furthermore, 90% of IT users reported performing backups, yet 73% have experienced an irretrievable data loss at least one, suggesting they don’t actually know how to backup or recover lost data properly.
Evidently, individual efforts to uphold the protection of data are not keeping up with threats, which is likely due to false assumptions (such as believing Microsoft 365 backs up their data) or a reliance on automatic solutions.
You might also like: 6 ways cloud computing has saved education during the pandemic