By : Nahla Makled – Wael Elhosany
Acronis, the global leader in cyber protection, has released its annual Cyber Protection Week Global Report 2022 timed to this year’s World Backup Day. The report which surveyed over 6,200 IT users and IT managers from small businesses to enterprises across 22 countries, including the United Arab Emirates (UAE), exposes some of the most critical shortcomings appearing in cyber protection practices today, examines why they’re appearing, and offers guidance on how they can be fixed.
One of our key findings last year was that 80% of organizations ran as many as 10 solutions simultaneously for data protection and cybersecurity — yet more than half of them suffered downtime because of data loss. According to the report findings, the UAE performed dismally with 18% of the organizations claiming to use between 11-15 different solutions while a further 8% of companies use over 15 solutions simultaneously. Clearly, more solutions do not translate into more protection.
This year, we see that trend getting worse: while 78% of organizations globally run as many as 10 different solutions, 76% of organizations experienced downtime due to data loss — a 25% increase from 2021. This downtime stemmed from a number of sources, including system crashes (52%), human error (42%), cyberattacks (36%), and insider attacks (20%).
As a result, 61% of global organizations’ IT teams now report a preference for integrated solutions that replace their complicated stacks of cybersecurity and data protection tools with a single, unified console.
“As the entire world is increasingly at risk from different types of attacks, accelerating to universal all-in-one solutions is the only way to achieve truly complete cyber protection. And that’s precisely the problem Acronis has set out to solve,” says Candid Wuest, Acronis V.P. of Cyber Protection Research. “Attackers don’t discriminate when it comes to means or targets, so strong and reliable security is no longer an option, it’s a necessity.”
Overconfidence as a trend: IT teams are overselling their readiness
The report also unearthed another worrying trend that is responsible for cyberdefenses lowering and increasing IT security budgets 71% and 70% of Saudi Arabia and the UAE companies respectively are looking to replace their complicated stacks of cybersecurity and data protection tools with a single, unified console.
70% of organizations’ IT managers claim to have automated patch management. However, based on any reliable industry research, only a handful of companies follow the 72-hour “golden time” for patch management.
82% also claim to have ransomware protection and remediation. Yet, successful attacks occur weekly and the size of ransom demands grows each year and 20% claimed to be testing backup restoration weekly. Again, not consistent with any other industry-issued data.
It seems that IT managers are trying to appear better prepared than they are; but that is, in turn, misleading their managers, boards of directors, industry analysts, and customers.
However, if the overwhelming majority of IT managers indeed have these solutions, they aren’t using them right: they have simply stocked their IT stacks with all of the recommended cybersecurity technologies — spending more money in vain.
The report findings prove that organizations are spending more on IT security this year, but when compared to their overall IT budget, it becomes clear – organizations are still treating cyber protection as a “nice-to-have”, not as a “must-have” Half of the organizations globally allocate less than 10% of their overall IT budget on IT security and Only 23% of organizations globally are investing over 15% of their overall IT budget in security — even despite the increasingly threatening cyber landscape.