Acronis, a cyber protection firm, has stated that 53% of companies are exposed to supply chain attacks in its annual Cyber Readiness Report, an overview of the cybersecurity environment that highlights the threats faced by businesses.
Based on a survey of 3,600 IT managers and remote employees at small and medium-sized companies in 18 countries, the report found that 53% of companies are exposed to supply chain attacks and have a false sense of security about this. Despite an increase in attacks, over half of IT leaders believe that using using “known, trusted software” is sufficient protection. Acronis has previously highlighted the trend for attacks to target smaller organisations.
Increasing attacks and sophistication
Three out of ten companies reported daily attacks, and only 20% reported not being attacked, a drop from 32% last year.
The most common attacks, including phishing, reached record highs, at 58% of attacks . Malware now accounts for 36.5% of all attacks, an increase from 22.2% last year.
Phishing is driving demand for URL filtering solutions, increasing 10 fold since 2020, 20% of companies now recognize the danger phishing represents.
47% of IT managers are not using multi-factor authentication systems, it is either considered of little value or too complex to implement.
Demands for protection
Companies are realising that advanced forms of protection are required. Acronis saw demand for integrated backup/disaster recovery with antivirus solutions more than double – from 19% in 2020 to 47.9% this year. Vulnerability assessments and patch management were also in demand, up 19% year on year and remote managing requests grew from 10% of clients to 35.7%. While Acronis’ clients continue to adopt new technologies, their complexity is bound to cause vulnerabilities as companies learn to make use of them.
Remote employees targeted
According to Acronis, one in four remote employees reported a lack of IT support as a major issue. One in four employees are not using multi-factor authentication. One in five employees reported being heavily targeted by phishing attacks. Attacks have expanded to every operating system, including mobile and virtualized environments.
