Many companies have a false sense of security when it comes to supply chain cyber attacks
- Published: Friday, 22 October 2021 08:01
Acronis has released its annual Cyber Readiness Report, providing an overview of the current cyber security landscape and the key pain points faced by businesses and remote employees worldwide amid the global pandemic.
Based on findings from an independent survey of 3,600 IT managers and remote employees at small and medium-sized companies in 18 countries across the globe, the report states that 53 percent of companies have a false sense of security when it comes to supply chain cyber attacks.
Despite the attacks on trusted software vendors, like Kaseya or SolarWinds, over half of IT leaders believe that using ‘known, trusted software’ is sufficient protection – making them an easy target.
Three out of 10 companies report facing a cyber attack at least once a day – similar to last year; but this year, only 20 percent of companies reported not getting attacked – a drop from 32 percent in 2020, meaning that the attacks are increasing in volume.
The most common attack types reached record-high levels this year, including phishing attacks – that continue to grow in frequency, and are now the top attack type at 58 percent. Malware attacks are also increasing in 2021: detected by 36.5 percent of companies this year – an increase from 22.2 percent in 2020.
Despite growing awareness of multi-factor authentication (MFA), nearly half of IT managers (47 percent) are not using MFA solutions – leaving their businesses exposed to phishing attacks. According to these findings, they either see no value in it or consider it too complex to be implemented.
Last year’s Acronis Cyber Readiness Report saw an increase in adoption of new services – especially SaaS and cloud computing services – and this year, companies continue to adopt new solutions. However, this has increased the overall complexity of IT environments, which most likely will cause additional breaches and unplanned downtime in the future, says Acronis.
“The cybercrime industry proved to be a well-oiled machine this year – relying on proven attack techniques, like phishing, malware, DDoS and others. Threat actors are increasingly expanding their targets, while organizations are held back by the growing complexity of IT infrastructure,” says Candid Wuest, Acronis VP of Cyber Protection Research. “Only a small number of companies have taken the time to modernize their IT stack with integrated data protection and cybersecurity. The threat landscape will continue to grow and automation is the only path to greater security, lower costs, improved efficiency and reduced risks.”