Microsoft IT Cloud Security Survey conducted by IDC in Central and Eastern Europe (Poland, Czech Republic, Greece, Hungary, Romania) showed that business is not ready to fully respond to new challenges in information security: more than half of companies (58%) do not have a comprehensive cybersecurity strategy.
The study was conducted from September to November 2020. Security professionals, as well as IT engineers and business executives from various industries participated. Companies answered questions about 2020 events and plans for the next two years.
The year of the pandemic highlighted the many challenges that exist in cybersecurity, as companies were forced to adapt urgently to the new remote and hybrid work environment. This led to an increase in vulnerabilities and the formation of new risks.
79% of respondents cited secure remote access to corporate networks as a key need that needs more attention. It is worth noting that previously the first place and priority for companies was endpoint protection (69%).
The survey found that cybersecurity has grown in importance, with 9 out of 10 companies planning to maintain or increase their security budget over the next two years.
Only 42% of companies in Central and Eastern Europe have developed a comprehensive security strategy, with the majority of respondents (86%) stating that they are satisfied with their organization’s level of cyber security. This may indicate that some companies have a misleading sense of security. It is imperative that the approach to cybersecurity is dynamic and provides protection against attacks that are becoming more sophisticated by the day.
Leading the ranking in terms of developing a comprehensive cybersecurity strategy was Greece, where 63% of companies have already developed a strategy and 66% intend to increase their cybersecurity budget.
One of the factors affecting the level of IS is cloud solutions: 54% of respondents said they plan to move to the cloud within two years. This is a positive trend for companies seeking to preserve the flexibility of their approach, because cloud services tend to be more secure and allow for faster updates of IS systems.
The survey also identified the main directions of companies’ development in the field of IS for the next two years. It is worth noting the growing importance of continuous training, both for employees and IT specialists in the field of IS. In 2020, most organizations (54%) conducted IS training only on an ad hoc basis. This seems likely to change, as companies view professional development as a key driver of cybersecurity improvement.
At the same time, 68% of companies in CEE plan to provide cyber hygiene training within two years, with 56% focusing on improving the knowledge of technicians.
The past 12 months have brought unprecedented change to all areas of work life and prompted many organizations to accelerate their digital transformation. The survey results underscore the need for a proactive approach to cybersecurity to keep up with this rapid evolution.
European executives expect only 5% of employees to return to the office on a full-time basis. To mitigate the risks associated with securing remote workers, CEOs must support their employees: both by improving cyber hygiene and by providing tools that mitigate risks while allowing them to remain productive.
