Security, remote work support top concerns amongst firms

IT managers cite instructing employees on remote work and securing remote workers as top challenges amidst the increase adoption of hybrid work practices, and 53% believe their use of "known, trusted software" will help keep them safe from supply chain attacks.

Increasing adoption of hybrid work practices has pushed the need to enable and secure remote workers as a top challenge for IT managers. Security threats also have evolved amidst this emerging workplace, with supply chain attacks hogging recent headlines, but 53% of IT administrators believe their use of "known, trusted software" will help keep their organisation safe from such threats. 

Asked about challenges they faced in the past year with increased adoption of remote work, 57.2% of IT managers pointed to enabling or instructing employees about working remotely, while 49.6% cited the need to secure these workers. Another 44.5% highlighted the need to ensure availability of business applications and networks, according to a study conducted by data security vendor Acronis. 

The survey polled 3,600 IT managers and remote workers in 18 markets, including Singapore, Australia, India, Japan, Germany, the US, and the UK. Respondents from each country comprised 100 IT managers and 100 remote workers. The study was conducted over two months through to October 2021. 

Constant review of third-party security critical as ransomware threat climbs

Lulled into complacency, businesses face risks of supply chain attacks even after they have done their due diligence in assessing their third-party suppliers' security posture before establishing a partnership.

Read More

Some 28.6% said their organisation was targeted by cyber attackers at least once a month, while 21.4% saw weekly attacks and 20.6% reported at least one attack a day. About 20.1% believed they were never targeted in a cyber attack, compared to 9.3% who said their organisation was targeted every hour, the study revealed. 

Phishing attempts were the most common, with 57.9% of iT managers noting their organisation encountered such attacks in the past year, followed by 39.8% and 36.5% who cited DDoS (Distributed Denial of Service) and malware attacks, respectively. 

In particular, 74% and 50% of Singapore IT managers cited phishing and malware as the most common attacks, respectively--with both figures higher than the global average. 

The need to deal with cyber threats pushed stronger priority for antivirus and antimalware tools, with 73.3% of IT managers worldwide citing these as important business security tools, compared to just 43% in last year's report. Another 47.9% highlighted the need for integrated backup and disaster recovery, while 45.3% pointed to vulnerability assessments and patch management. Another 35.7% prioritised remote monitoring and management and 20.4% cited URL filtering tools.

With news of third-party supply chain attacks including Kaseya and SolarWinds consuming headlines in the past year, 53% of IT managers believed their use of "only known, trusted software" would safeguard their organisation against such attacks. Some 23.8% said they turned to antivirus and endpoint detection and response tools, while 17.8% engaged an external provider to protect the organisation against supply chain attacks. 

Asked about two-factor authentication (2FA), just 21.6% said they used it for all accounts, while 37.7% said they did likewise for some accounts. Another 30.6% said they tapped 2FA for most accounts, while 10.1% did not use it at all. 

Amongst employees, 36.5% cited the use of VPN and other security measures as the most technically challenging aspect of working remotely, according to the Acronis study. Wi-Fi connectivity, though, was the most cited technical challenge at 43.9% of respondents, while 27% pointed to the lack of IT support. 

Some 25.3% of remote employees admitted not using any 2FA, while 38.3% did so for some accounts. Another 21% tapped 2FA for most accounts and 15.4% did likewise for all accounts. 

Acronis' vice president of cyber protection research Candid Wuest said: "The cybercrime industry proved to be a well-oiled machine this year, relying on proven attack techniques, like phishing, malware, DDoS, and others. Threat actors are increasingly expanding their targets, while organisations are held back by the growing complexity of IT infrastructure.

"Only a small number of companies have taken the time to modernise their IT stack with integrated data protection and cybersecurity. The threat landscape will continue to grow and automation is the only path to greater security, lower costs, improved efficiency, and reduced risks," Wuest said.

RELATED COVERAGE