Click to learn more about author Candid Wüest

We’re now one year into work in the time of COVID-19. While many businesses have adapted impressively, given the sudden shift, IT professionals are still adjusting to the challenges that come along with such an upheaval.

Last year, our company expanded World Backup Day – celebrated on March 31 as a reminder to back up data – into Cyber Protection Week. We’ve furthered that effort this year with an independent research survey. The results have been compiled into the Cyber Protection Week Global Report.

Our survey polled 2,200 IT professionals from 22 countries around the world. Respondents worked at organizations ranging from SMBs to enterprises, both public and private, in a wide variety of industries.

Data reliance has grown to new heights in recent years, and corporations are adopting new solutions to enable remote work while protecting sensitive information. Unfortunately, the strategies that they have in place aren’t delivering the cyber protection they need. Here are some of the major struggles we’re seeing.

More Businesses Are Backing up Data – but Few Are Adhering to Best Practices

In addition to the obvious increase in remote work over the past year, there’s been greater awareness of the consequences of data loss, as governments and major corporations alike were targeted – often successfully – by sophisticated cyberthreats. This may be why we saw a significant drop in the percentage of organizations that don’t back up business-critical data, compared to last year’s report.

Still, there are signs that backup practices need more attention. Cybersecurity analysts typically stress the importance of a 3-2-1 data backup strategy: keeping three complete copies of data – two local, but on different media, and one off-site. Only 13% of respondents still adhere to this hybrid policy, down from 20% in last year’s survey. Overall backup frequency hasn’t increased either, opening businesses up to the potential of considerable data loss in the event that they’re forced to recover from days- or weeks-old backups. Half of organizations surveyed saw operational downtime due to data loss in 2020 – a frightening prospect for any company.

Complex Patchworks of Solutions Are Failing to Protect Workloads

As IT environments balloon in scale and complexity, IT professionals increasingly rely on a large patchwork of solutions to defend against data loss and other cyberthreats. Our survey found that most businesses already use up to 10 different services and agents to protect data, applications, and systems. And in last year’s global rush to adopt new solutions that can support remote work, this trend has only accelerated: 21% of respondents used more than 10 different security solutions.

This disparate approach is both inefficient and potentially dangerous. Technicians must learn to use and maintain a wide variety of applications, while the sheer number of running agents has the potential to overload systems. And complexity is itself a risk factor. Updates to one solution may introduce incompatibilities with others. The fact that these solutions – often from competing vendors – don’t interface together invariably leads to security gaps.

Despite all the solutions that businesses have enabled, half of IT professionals reported data loss resulting in downtime within the last year. That’s an increase of 7% over our 2020 findings, and 18% higher than in 2019. And 20% of IT pros said that they wouldn’t even know if sensitive business data had been surreptitiously modified, because their Data Management solutions make tampering difficult to detect.

For total cyber protection against modern threats, a holistic view is needed – one that integrates data protection, cybersecurity, and protection management to safeguard entire workloads through a single pane of glass. It has to be efficient and automated where possible in order to keep up with the growing number of threats.

Confusion Over Data Privacy Regulations Is Growing

While data protection and recovery are top-of-mind for many IT professionals, regulatory compliance is a murkier topic. About 10% of respondents weren’t sure whether they were subject to any data privacy regulations – twice the percentage that claimed ignorance in 2020.

Naturally, if IT pros don’t even know what regulations they’re bound by, they can’t reliably meet those mandated data privacy standards. This places businesses at risk of major fines for compliance violations, not to mention expensive litigation and reputational harm should data be leaked or lost as a result of these practices.

Applicable regulations continue to evolve. In the wake of Brexit, for instance, data privacy for web visitors from the U.K. will soon no longer be governed by EU GDPR guidance – the state will adopt its own rules that businesses around the world will need to accommodate. Businesses would do well to adopt solutions that help them to adhere to relevant data privacy frameworks, lest they face dangerous and potentially costly gaps in awareness and capability.

Final Thought

Armed with a slew of new tools, businesses around the world are tackling the challenges of remote work as well the storm of increasingly automated cyberthreats that’s risen to match. But the tactics that professional IT teams have relied on for years are no longer enough to ensure complete cyber protection.

Stacking more and more solutions is inefficient at best, and in extreme cases can even cause a net increase in your risk exposure. A new approach is necessary, one that takes a holistic view of entire corporate workloads – data, applications, and systems. Businesses must look to integrated solutions that simplify cyber protection, reduce complexity, and connect disparate capabilities while keeping users informed of their protection status.