Eight months after the Russia-led highly sophisticated hacking campaign leveraging the SolarWinds Orion platform, the company has released its annual IT Trends Report, this one highlighting how IT professionals perceive their organization’s cyber risk management and mitigation after a tumultuous year.
The report touches on everything from external threats, internal threats, remote work policies and the pandemic’s effect on security.
The report, titled SolarWinds IT Trends Report 2021: Building a Secure Future, finds that security threats associated with external breaches and the internal impact of pandemic-influenced IT policies are the leading macro trends impacting enterprise IT risk.
According to the report, 46% of tech pros said their organizations had medium exposure to enterprise IT cyber risk over the last 12 months, with larger organizations saying they were exposed to more risk than smaller businesses.
When asked about their biggest external risk factors, 76% cited cyberattacks and other external security threats, but COVID-19 had an even greater impact on a businesses’ risk exposure, the survey found, as 70% cited remote work policies, 51% cited growth of data as a result of remote work, and 50% cited a distributed workforce or employee relocation.
Similarly, 58% of IT pros said the quick shift to remote work was a top aspect of current IT environments considered to increase an organization’s risk exposure. That was followed closely by unknown human factors such as employee security burnout (due to constant MFA exposure, changing passwords, and other security best practices) (56%).
Sixty-one percent said they are confident or extremely confident that their IT organizations will continue to invest in risk management over the next three years, and 62%said their senior leaders have a heightened sense of risk exposure.
However, some are still having some difficult in convincing their leaders of this reality. Thirty-six percent say their organization is prepared to mitigate and manage potential risk, but 26% (same in US data) said their senior leaders have difficulty convincing other leaders that they should invest more in security.
In a statement, SolarWinds President and CEO Sudhakar Ramakrishna said IT professionals are under even greater pressure to ensure optimized, secure performance for remote workforces while facing limited time and resources for personnel training.
“When it comes to risk management and mitigation, prioritizing intentional investments in technology solutions that meet business needs is critical,” he said. “More than ever before, tech pros must partner closely with business leaders to ensure they have the resources and headcount necessary to proactively address security risks. And more importantly, tech pros should constantly assess their risk management, mitigation, and protocols to avoid falling into complacency and being ‘blind’ to risk.”