The layering of cybersecurity products is counterproductive

Acronis, a security solutions provider, recently released its 2022 Global Report on Enterprise Cyber ​​Protection Practices, for which more than 6,200 respondents were surveyed, half of them users and the other IT managers. In the previous edition, more than half of responding companies had experienced downtime due to data loss. This year, the finding is even more negative: 76% suffered from data loss, which represents a significant increase, even though more than 67% use more than six security solutions, 22% even use more than ten. According to the report, business interruptions have several causes: in about half of the cases (52%), they are system failures, in 42% of the cases human errors, in 36% cyberattacks and in 20% attacks from inside the organization.

The report also shows that some good security practices that had strengthened during the pandemic are declining. For example, only a third of IT managers perform weekly backups and 25% only monthly backups, while only 15% of IT teams report implementing best backup practices. Regarding the backup test, only 20% practice it at least once a week. In addition, while 70% of IT managers surveyed claim to have automated patch management, the vendor’s observations show that only a small proportion apply them within the recommended 72-hour window. Finally, if 82% say they are equipped with protection mechanisms against ransomware, the frequency of successful attacks and ransom demands, which do not spare France, show that there are still significant holes in the racket.

Data protection and compliance top priorities for 2022

One of the explanations for these discrepancies is undoubtedly to be found in the budgets allocated to IT security: for half of the companies questioned, these represent less than 10% of the overall IT budget. Only 23% of companies surveyed devote more than 15% of their overall IT budget to IT security, while 86% fear the intensification of politically motivated cyberattacks in the current geopolitical context. Despite these limitations, IT managers plan to strengthen measures in many areas in 2022, the first being compliance and data protection (cited by 54%) and the second the modernization of cybersecurity solutions (cited by 50.5 %).

As far as users are concerned, practices are not changing much either, despite fears linked to cyber threats, in particular those linked to the geopolitical context, of which 71% of the sample surveyed say they are quite or even very concerned. Only one in ten makes a daily backup and 34% make monthly backups, while 41% hardly ever do so. Yet 72% of users confirm having had to restore backup data at least once in the past year, with a third of them repeatedly. The same is true for updates, with 43% of users waiting at least a week before installing them.