Story image

Cybercrime remains a major barrier to cloud adoption in EMEA​

12 Oct 17

Cloud adoption is rampant around the world, however security concerns remain one of the biggest barriers.

According to a global study of more than 1,100 organisations conducted by Barracuda Networks, businesses in Europe, Middle East and Africa (EMEA) are increasingly turning to the Microsoft Office 365 productivity suite – but the spate of recent cyberattacks have thrown in a speed bump or two.

The study, titled ‘Office 365 Adoption: Drivers, Risks, and Opportunities’ delved into trends around the adoption and use of Microsoft Office 365, including contributing factors for decisions about migration versus remaining with an existing platform.

Almost two thirds of businesses in EMEA are now using Office 365, representing a huge increase of 50 percent on a similar Barracuda study from 2016.

Of the remaining 38 percent that are not using Office 365, just under 40 percent claim they plan to migrate in the future – which is significantly less than in the US, where 49 percent plan to do so.

Perhaps unsurprisingly in the wake of attacks like WannaCry and Petya, ransomware is the biggest concern for more than 90 percent of EMEA businesses, with nearly 48 percent admitting to having already being hit by an infection.

“As year-on-year adoption of Office 365 continues to increase in EMEA it’s natural to assume that concerns over cyber threats will keep pace,” says Chris Ross, SVP International at Barracuda Networks.

“What’s encouraging to see is that businesses are waking up to the importance of a layered approach, which suggests a better understanding of their liabilities when it comes to cloud adoption.”

Of those that had been attacked, email was by far the most common vector for cybercriminals with 70 percent of ransomware attacks entering via email. Web traffic came in second with a relatively small 18 percent and network traffic in third with 12 percent.

According to Barracuda, the most common reason for not migrating Office 365 has changed since last year, with businesses in EMEA joining those in the US in citing security concerns as the top reason (32 percent). However, unlike the US where this was the largest by a distance, EMEA businesses still cite a “no cloud” policy as a significant reason they have not migrated with 28 percent.

“One area in which this trend still has some way to go to reach the levels seen in the US is when it comes to third-party solutions to add an extra layer of security against spear phishing, impersonation or social engineering attacks,” Ross adds.

“Just 14 per cent of EMEA organisations had something in place, compared to 36 per cent in the US. We’d expect this to change over the next year, and urge businesses in EMEA to be on alert. We’re seeing criminals change their tactics – moving from the C-suite to lower and mid-level employees, and from large organisations to smaller ones with fewer resources.”

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.