53% of Companies are Left Exposed to Supply Chain Attacks – Acronis Cyber Readiness Report 2021 Reveals Critical Security Gaps

Industry demand for URL filtering grew 10 times since last year – slower progress compared to cyberattacks growing in volume and sophistication

Acronis, the global leader in cyber protection, has released its annual Cyber Readiness Report, providing a comprehensive overview of the modern cybersecurity landscape and the key pain points faced by businesses and remote employees worldwide amid the global pandemic. Acronis’ research from last year revealed more than 80% of global companies admitting they were not prepared to transition to remote work – exposing key vulnerabilities businesses must quickly plan and implement solutions for.
Based on findings from this year’s independent survey of 3,600 IT managers and remote employees at small and mid-sized companies in 18 countries across the globe, the report states that 53% of global companies have a false sense of security when it comes to supply chain attacks. Despite the globally recognized attacks on trusted software vendors, like Kaseya or SolarWinds, over half of IT leaders believe that using “known, trusted software” is sufficient protection – making them an easy target.
Attacks growing in volume and sophistication

Three out of 10 companies report facing a cyberattack at least once a day – similar to last year, but this year only 20% of companies reported not getting attacked, a drop from 32% in 2020. Meaning, the attacks are increasing in volume.

  •  The most common attack types reached record-high levels this year, including phishing attacks – that continue to grow in frequency, and are now the top attack type at 58%. Malware attacks are also increasing in 2021: detected by 36.5% of companies this year – an increase from 22.2% in 2020.
  • However, this year was the year of phishing: the demand for a URL filtering feature grew 10 times since 2020 – 20% of global companies now recognize the danger of phishing for business.
  • Despite growing awareness of multi-factor authentication (MFA), nearly half of IT managers (47%) are not using MFA solutions – leaving their businesses exposed to phishing attacks. According to these findings, they either see no value in it or consider it too complex to be implemented
    In response, organizations worldwide have geared up for the growing threats – but for every step companies are taking, cybercriminals have already taken three.
  • The demand for antivirus solutions has grown by 30% – from 43% last year to 73.3% in 2021. However, companies are just discovering that standalone antivirus solutions no longer work against modern threats: we saw the demand for integrated backup/disaster recovery with antivirus solutions more than double – from 19% in 2020 to 47.9% this year.
  • Demand for vulnerability assessments and patch management grew significantly: from 26% in 2020 to 45% this year. This can be attributed, in part, to the increased volumes of vulnerabilities exposed this year in critical and in-core components, such as Microsoft Exchange server, Chrome browser, or Apache webserver.
  • Not surprisingly, the demand for for better and more secure remote monitoring and management tools grew over 3 times – 35.7% this year, up from 10% in 2020. Remote work has finally been recognized as a long-term default format of work, it’s more important that ever for IT managers to be able to monitor and manage a wide range of remote devices.
  • In last year’s Acronis Cyber Readiness Report, we saw an increase in adoption of new services – especially SaaS in the cloud and Cloud Computing services – and this year companies continue to adopt new solutions. However, this increases the overall complexity of the IT environment, which is most likely to cause additional breaches and unplanned downtime in the future.

“The cybercrime industry proved to be a well-oiled machine this year – relying on proven attack techniques, like phishing, malware, DDoS and others. Threat actors are increasingly expanding their targets, while organizations are held back by the growing complexity of IT infrastructure,” said Candid Wuest, Acronis VP of Cyber Protection Research.

“Only a small number of companies has taken the time to modernize their IT stack with integrated data protection and cybersecurity. The threat landscape will continue to grow and automation is the only way to greater security, lower costs and improved efficiency”.

Remote employees make the most attractive targets

These Acronis findings and external research clearly illustrate why organizations need a cyber protection solution that reduces complexity and improves security to support remote work environments, and that this solution must be cost-effective to address the scale of remote workers.

  • One in four remote employees reported struggling with the lack of IT support as one of the key challenges they faced this year. The top-3 tech challenges identified by remote employees globally: Wi-Fi Connectivity, Using a VPN and other security measures, Lack of IT support.
  • One in four remote employees is not using multi-factor authentication – making them an easy phishing target, with phishing being the most common attack type in 2021.
  • On average, one in five remote employees gets heavily targeted by phishing attacks, receiving well over 20 phishing emails per month – with 71% of respondents confirming being targeted by it each month. Learning to identify such attacks through cybersecurity awareness training is crucial in keeping not just organizations protected, but personal assets as well.
  • We have seen attackers aggressively expanding their target pool – it is no longer just Microsoft Windows OS based workloads – where users reported a spike in attacks against Linux, MacOS, Android and iOS devices as well. Attackers are also going after virtualized environments more often.

Unfortunately, cybercriminals don’t need to be tech-savvy to create chaos anymore – take malware for example. Cybercriminal gangs have further expanded their malware-as-a-service model, that provides step-by-step guides on how to make a profit out of compromising targets.

Yet, despite the growing dangers for the employees, remote work is here to stay – people will continue to work and hire remotely, that’s the reality most IT teams still need to get ready for: finding a solution to hardware shortage, increased complexity and increased need for IT support and better cybersecurity solutions. This is an existential crisis companies must prepare for now – the potential costs for not doing so are just too great.

Platform with deeper industry insights

Remote work is here to stay, and so are the increased levels of sophisticated cyberattacks – and it’s up to both the organization and the individual to follow the best cyber protection practices available.

If you are keen to learn more about cybersecurity pain points and available solutions for businesses, don’t miss the chance to register for the Acronis #CyberFit Summit World Tour 2021, kicking off in Miami, Florida on October 25 with a hybrid event, including in-person and virtual. Register now in order to:

  • Attend result-focused virtual sessions for free and learn from world-class experts explain strategies and deployment options for cyber protection.
  • Enhance your MSP business’ cyber protection capabilities with advice from the top channel, cybersecurity, and industry experts
  • Hear exclusive case studies of successful, profitable, and scaling MSPs and MSSPs
  • Learn how to grow your business with cybersecurity-forward services
  • Join hands-on, interactive workshops, insightful panels and breakouts, and inspirational keynotes – while enjoying IT channel networking opportunities

About Acronis

Acronis unifies data protection and cybersecurity to deliver integrated, automated cyber protection that solves the safety, accessibility, privacy, authenticity, and security (SAPAS) challenges of the modern digital world. With flexible deployment models that fit the demands of service providers and IT professionals, Acronis provides superior cyber protection for data, applications, and systems with innovative next-generation antivirus, backup, disaster recovery, and endpoint protection management solutions powered by AI. With advanced anti-malware powered by cutting-edge machine intelligence and blockchain based data authentication technologies, Acronis protects any environment – from cloud to hybrid to on premises – at a low and predictable cost.

Founded in Singapore in 2003 and incorporated in Switzerland in 2008, Acronis now has more than 1,700 employees in 34 locations in 19 countries. Its solutions are trusted by more than 5.5 million home users and 500,000 companies, and top-tier professional sports teams. Acronis products are available through over 50,000 partners and service providers in over 150 countries and 25 languages.