61% of IT Teams Say the Number of Cyberattacks Targeting Their Organization Increased During 2020

OXFORD, U.K. — June 8, 2021 —

Sophos, a global leader in next-generation cybersecurity, today announced the findings of its global survey, “The IT Security Team: 2021 and Beyond,” which shows how increased security challenges during the pandemic offered IT teams a unique opportunity to build their cybersecurity expertise. The vast majority of IT teams that faced a rise in cyberattacks (82%) and a heavier security workload (84%) over the course of 2020 strengthened their security skills and knowledge. Despite the challenges created by the pandemic, 52% of the IT teams surveyed said team morale increased during 2020.

The increase in cyberattacks during the pandemic impacted IT security skills across all industry sectors covered in the survey, including education (83%), retail (85%) and healthcare (80%). The survey polled 5,400 IT decision makers in mid-sized organizations in 30 countries across Europe, the Americas, Asia-Pacific and Central Asia, the Middle East, and Africa.

“Around the world, 2020 was an unprecedented year for IT teams,” said Chester Wisniewski, principal research scientist, Sophos. “IT professionals played a vital role in helping organizations to keep going despite the restrictions and limitations necessitated by COVID-19. Among other things, they enabled education institutions to move learning online, retailers to switch to online transactions, healthcare organizations to deliver digital services and care under incredibly tough circumstances, and ensured public entities could continue to provide essential services.

“Much of this will have been done at high speed, with limited equipment and resources available and while facing a rising tide of cyberattacks against the network, endpoints and employees. To say things were probably pretty stressful for most IT teams is an understatement.

“However, the survey shows that in many cases these challenges have created not just more highly skilled, but more motivated IT teams, ready to embrace an ambitious future. As a growing number of countries are able to start planning for life beyond pandemic restrictions, we have an excellent opportunity to implement new IT and security policies, adopt more secure modern tools to manage employees and operations beyond the IT perimeter, build expert teams that blend in-house and out-sourced talent, and introduce security platforms that combine intelligent automation with human threat hunting expertise. There is no going back. The future may be just as unprecedented as the past.”

The main findings of “The IT Security Team: 2021 and Beyond” global survey include:

  • Demands on IT teams increased as technology became the key enabler for dispersed and digital organizations. Overall IT workload (excluding security) increased for 63% of IT teams, while 69% experienced an increase in cybersecurity workload
  • Adversaries were quick to take advantage of the opportunities presented by the pandemic. More than 60% of IT teams overall reported an increase in the number of cyberattacks targeting their organization over the course of 2020
  • The increased security workload and a rise in the number of cyberattacks enabled IT teams to build their cybersecurity skills and knowledge. It is likely that much of this professional development will have been informal on-the-job learning, acquired as teams tackled new technology and security demands, often under intense pressure and remote from their normal place of work
  • Facing challenges together boosted team morale. IT team morale also improved for many teams. More than half (52%) of the IT teams surveyed said team morale increased over the course of 2020. In many cases, morale appeared to increase in line with heavier workload and more intense attacks. For instance, ransomware victims were considerably more likely to have experienced an increase in team morale than those that weren’t hit (60% versus 47%). Morale is also likely influenced by external and personal circumstances during the pandemic, such as local lockdowns, the inability to see family and other factors. Regardless, the findings suggest that a shared purpose, a sense of value and facing adversity together helped to bond and lift the spirits of IT teams
  • The experiences of 2020 have fuelled ambitions for bigger IT teams and using advanced tools such as artificial intelligence (AI) in future technology strategies. Many organizations appear to have entered 2021 with plans to increase the size of both in-house and outsourced IT teams, and to embrace the potential of advanced tools and technologies. The survey found that 68% of IT teams anticipate an increase in in-house IT security staff by 2023, and 56% expect the number of outsourced IT security staff to grow over the same time frame.  An overwhelming majority (92%) expect AI to help deal with the growing number and/or complexity of threats. This could be due in part to the fact that 54% of IT teams believe that cyberattacks are now too advanced for the in-house team  to tackle on their own

The “IT Security Team: 2021 and Beyond” survey report is available in full on Sophos.com.

The IT Security Team: 2021 and Beyond survey was conducted by Vanson Bourne, an independent specialist in market research, in January and February 2021. The survey interviewed 5,400 IT decision makers in 30 countries, in the US, Canada, Brazil, Chile, Colombia, Mexico, Austria, France, Germany, the UK, Italy, the Netherlands, Belgium, Spain, Sweden, Switzerland, Poland, the Czech Republic, Turkey, Israel, UAE, Saudi Arabia, India, Nigeria, South Africa, Australia, Japan, Singapore, Malaysia, and the Philippines. All respondents were from organizations with between 100 and 5,000 employees.

About Sophos

Sophos is a global leader and innovator of advanced security solutions that defeat cyberattacks, including Managed Detection and Response (MDR) and incident response services and a broad portfolio of endpoint, network, email, and cloud security technologies. As one of the largest pure-play cybersecurity providers, Sophos defends more than 600,000 organizations and more than 100 million users worldwide from active adversaries, ransomware, phishing, malware, and more. Sophos’ services and products connect through the Sophos Central management console and are powered by Sophos X-Ops, the company’s cross-domain threat intelligence unit. Sophos X-Ops intelligence optimizes the entire Sophos Adaptive Cybersecurity Ecosystem, which includes a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity and information technology vendors. Sophos provides cybersecurity-as-a-service to organizations needing fully managed security solutions. Customers can also manage their cybersecurity directly with Sophos’ security operations platform or use a hybrid approach by supplementing their in-house teams with Sophos’ services, including threat hunting and remediation. Sophos sells through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com.