{"id":51116,"date":"2024-04-30T06:30:15","date_gmt":"2024-04-30T10:30:15","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?page_id=51116"},"modified":"2024-05-21T13:04:32","modified_gmt":"2024-05-21T17:04:32","slug":"geo-distributed-businesses-research-2024","status":"publish","type":"page","link":"https:\/\/www.kaspersky.com\/blog\/geo-distributed-businesses-research-2024\/","title":{"rendered":"Managing geographically distributed businesses: challenges and solutions"},"content":{"rendered":"<style>.c-page .colored.green {color:#00a88e}.c-page h1,.c-page h2,.c-page h3,.c-page h4,.c-page h5{ text-wrap: balance; } .c-wysiwyg blockquote{background: rgb(0 153 129 \/ 10%);}.c-wysiwyg blockquote p{font-style:normal} .img-big { width: 100vw!important; max-width: 1024px!important; left: 57%!important; position: relative; transform: translateX(-50%); }.accent{color: #00a88e; margin: 0;font-size:1.5rem;font-weight: 900;}.c-wysiwyg .accented-list li:before {top:1.15rem}.c-wysiwyg .accented-list li{margin-bottom:1.25rem}.c-wysiwyg hr+*{margin-top:2.5rem}.c-wysiwyg hr{border-bottom: 2px solid #00a88e; width: 120px;margin: 1rem 0 -1.25rem 0;}blockquote h5 { color: #00a88e; font-style: initial; } span.accented-quote { display: block; font-size: 60px; font-family: sans-serif; line-height: 20px; margin-top: 30px; margin-left: -3px; }@media(min-width: 40.6875rem){.accent{font-size:2rem}.c-wysiwyg .accented-list li:before {top:1.75rem}.c-wysiwyg hr{border-bottom: 2px solid #00a88e; width: 160px;}}span.footnotes { position: relative; display: inline-block; border-bottom: 1.5px dashed #333; line-height: 1em;transition: 0.5s; background: transparent; cursor: pointer; } span.note { position: absolute;line-height: 1.6em; width: 300px; opacity: 0; visibility: hidden; left: 0; top: 15px; transform: translateX(-50%); transition: 0.3s; background: white; padding: 15px 20px; box-shadow: 0px 3px 7px #ababab; border-radius: 3px; cursor: initial; } span.footnotes:hover { background: #ffffd5; } span.footnotes:hover .note { z-index:999;opacity: 1; visibility: visible; }@media(max-width:480px){span.note {position: fixed;left: 5px; top: 50vh;transform: translatey(-50%); width: 100vw;}}.c-wysiwyg .illustration-list { margin-left: 0; display: grid; grid-column-gap: 5vw; grid-template-areas: \"a a\" \"b c\" \"d e\"; } @media (max-width: 640px) { .illustration-list { grid-template-areas:\"a\" \"b\" \"c\" \"d\" \"e\" }  } .c-wysiwyg .illustration-list li { margin-bottom: 2em; } .illustration-list li:before { display: none; } .illustration-list span.accent { font-size: 1em; } .illustration-list img { width: 128px; }.desktop-banner {display:block!important} .mobile-banner{display:none!important} @media(max-width:768px){.desktop-banner {display: none!important} .mobile-banner{display: block!important}}a.c-slider__arrow.c-slider__arrow--prev.slick-arrow,.c-gallery-slider .c-slider__arrow.c-slider__arrow--next, .c-gallery-slider .c-slider__arrow.c-slider__arrow--right {background:none} .c-gallery-slider .c-slider__arrow.c-slider__arrow--next:before, .c-gallery-slider .c-slider__arrow.c-slider__arrow--right:before,.c-gallery-slider .c-slider__arrow.c-slider__arrow--left:before, .c-gallery-slider .c-slider__arrow.c-slider__arrow--prev:before { filter: invert(1); transform: scale(1.25); }.slick-slider .slick-list{max-height:410px!important}.c-article__content blockquote li, .c-article__content blockquote p { font-size: 1rem; }h5 { color: #737373; }.red{color:#d51616}.yellow{color:#99992e}.green{color:#34c334}.table-caption{font-size: .875rem;display: flex; gap: 30px; justify-content: center; margin-bottom: 2em;}<\/style>\n<p><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061942\/geo-distributed-businesses-research-2024-featured.jpg\" alt=\"\" width=\"1400\" height=\"788\" class=\"img-big aligncenter size-full wp-image-51142\"><\/p>\n<p>In an increasingly connected world, a growing number of companies operate across multiple sites, often great distances away from HQ (headquarters) and each other. InfoSec professionals and Network Information Security decision makers in companies worldwide face the serious challenges of managing and protecting the networks that link these sites, and delivering coherent communication, high performance seamless access and effective data protection across the board.<\/p>\n<h2>Methodology<\/h2>\n<hr>\n<p>Kaspersky commissioned a global market research study, surveying <strong><em>1,000 Network and Information Security decision makers across six regions <\/em><\/strong>to gain a deeper insight into the challenges faced by experts working in geographically distributed companies as well as the solutions they employ to overcome them.<\/p>\n<p>Respondents from various regions such as the Americas (USA, Brazil, Chile, Columbia, Mexico,) Europe (France, Germany, the UK, Spain), the Middle East, Turkey &amp; Africa (Saudi Arabia, South Africa, Turkey, United Arab Emirates) Russia and Asia-Pacific (Singapore, China, Japan, India, Indonesia, Malaysia) were questioned in the survey.<\/p>\n<table>\n<tbody>\n<tr>\n<td>\n<p><strong>Regional spread<\/strong><\/p>\n<\/td>\n<td>\n<p>APAC \u2013 30%<\/p>\n<p>Americas \u2013 25%<\/p>\n<p>Europe \u2013 20%<\/p>\n<p>ME\u0422A \u2013 20%<\/p>\n<p>Russia \u2013 5%<\/p><\/td>\n<\/tr>\n<tr>\n<td>\n<p><strong>Company\u00a0size<\/strong><\/p>\n<\/td>\n<td>\n<p>38% \u2013 companies with 500-999 employees<\/p>\n<p>62% \u2013 companies with more than 1000 employees operating\n<\/p><\/td>\n<\/tr>\n<tr>\n<td>\n<p><strong>Operating<\/strong><\/p>\n<\/td>\n<td>\n<p>27% \u2013 across three sites<\/p>\n<p>27% \u2013 across four of five sites<\/p>\n<p>46% \u2013 more than five sites<\/p><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Key Findings<\/h2>\n<hr>\n<ol>\n<li>The biggest challenge for geo-distributed businesses was building and maintaining a coherent IT infrastructure across multiple sites according to<strong> <span class=\"colored green\">37%<\/span><\/strong> of companies. Problems with comprehensive information security across all assets and processes were the second most difficult issue <strong>(<span class=\"colored green\">24%<\/span>)<\/strong>.<\/li>\n<li>Staff from HQ played a key role in supporting teams at local sites in<strong> <span class=\"colored green\">69%<\/span> <\/strong>of geo-distributed companies. However, local employees\u2019 involvement was also significant, with <strong><span class=\"colored green\">58%<\/span><\/strong> of respondents stating that they contributed a great deal to supporting IT and information security processes.<\/li>\n<li>Two out of five<strong> (<span class=\"colored green\">40%<\/span>) <\/strong>geo-distributed organizations experienced network problems at least twice a month.<\/li>\n<li>Network failures or outages were an issue for <strong><span class=\"colored green\">55%<\/span> <\/strong>of companies, while <strong><span class=\"colored green\">45%<\/span><\/strong> experienced loss of connectivity and poor performance in their services and applications.<\/li>\n<li>More than three-quarters<strong> (<span class=\"colored green\">82%<\/span>)<\/strong> of companies need over an hour to restore network connections while <strong><span class=\"colored green\">12%<\/span><\/strong> of them take an entire working day or even longer.<\/li>\n<li>According to the research,<strong> <span class=\"colored green\">47%<\/span> <\/strong>of geo-distributed companies reported an \u201cextremely high\u201d level of information security for HQ, with a smaller percentage <strong>(<span class=\"colored green\">29%<\/span>) <\/strong>indicating branch offices received the same protection.<\/li>\n<li>IT development was kept in-house by<strong> <span class=\"colored green\">94%<\/span><\/strong> of multi-site organizations, with data and code hosted in a private cloud <strong>(<span class=\"colored green\">64%<\/span>)<\/strong> or in a hybrid cloud <strong>(<span class=\"colored green\">58%<\/span>)<\/strong>.<\/li>\n<li>Among the companies developing IT in-house,<strong> <span class=\"colored green\">79%<\/span><\/strong> used container environments to do so, but <strong><span class=\"colored green\">21%<\/span><\/strong> of them did not have any container security solutions in place.<\/li>\n<li>Most respondents<strong> (<span class=\"colored green\">85%<\/span>)<\/strong> that developed their IT using container environments had experienced cybersecurity incidents involving containers and\/ or Kubernetes in the last 12 months, resulting in financial losses for <span class=\"colored green\">38%<\/span> of these organizations.<\/li>\n<\/ol>\n<h2>Challenges facing geo-distributed companies<\/h2>\n<hr>\n<p>Running a coherent, multi-site strategy involves a number of potential problem areas: network configurations and security policies, procedures, people and communication, location and local regulations, infrastructure and channels\u2019 capacity, and cybersecurity.<\/p>\n<p>When asked to name the main challenges arising from operating geo-distributed companies, respondents clearly prioritized technological aspects. The most important one globally was building and maintaining a coherent IT infrastructure across multiple sites (37%), followed by comprehensive information security across all assets and processes within their company (24%).<\/p>\n<h6 style=\"text-align: center;\">What do you see as the three top challenges faced by your organization when it comes to managing all of your sites in a coherent way?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/06132513\/geo-distributed-businesses-research-2024-1.png\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/06132513\/geo-distributed-businesses-research-2024-1.png\" alt=\"\" class=\"img-big aligncenter size-full wp-image-51122\"><\/a><br>\nExamining the IT infrastructure and information security hurdles in multi-site operations, detection and response to cybersecurity incidents emerged as the greatest challenges, as cited by most respondents (42%). Nonetheless, it is merely one aspect in a long list of critical tasks network security specialists need to accomplish successfully to prevent their multi-site networks from becoming a liability for their organization.<br>\n<br>\nSeamless teamwork (39%), and monitoring the effective implementation of security measures (38%) played important roles when addressing cybersecurity issues across multiple sites.\u00a0 More than one third of global network security professionals also named building a cohesive security policy (36%), setting up and integrating new sites (35%), and finding and hiring staff with the right qualifications (34%) as challenges they faced.<\/p>\n<h6 style=\"text-align: center;\">Thinking specifically about IT infrastructure and information security issues: What are the specific challenges in these areas faced by businesses working across multiple sites?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061459\/geo-distributed-businesses-research-2024-2.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061459\/geo-distributed-businesses-research-2024-2.jpg\" alt=\"\" width=\"2048\" height=\"1370\" class=\"img-big aligncenter size-full wp-image-51123\"><\/a><\/p>\n<h3>Tools and solutions used:<\/h3>\n<p>A highly diverse set of skills and solutions need to come together to guarantee geo-distributed networks deliver on their promise of effective cohesion. This involves delivering robust protection against unauthorized access and attack, continuously monitoring security and performance, providing local incident response support, and setting up and protecting internal IT development. The feedback gathered from network security decision makers globally provides valuable insights into the way these important issues are being tackled.<\/p>\n<p>Centrally collecting and controlling IT Security information across multiple sites requires a set of tools: VPN was by far the most commonly utilized, with 75% of companies globally deploying it. The more sophisticated tools like SD-WAN (49%), SIEM (41%) and XDR (39%) were used by less than half of geo-distributed organizations.<\/p>\n<h6 style=\"text-align: center;\">Does your organization have any of the following tools, designed to centrally collect and control IT Security information for your sites?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061514\/geo-distributed-businesses-research-2024-3.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061514\/geo-distributed-businesses-research-2024-3.jpg\" alt=\"\" width=\"2048\" height=\"1286\" class=\"img-big aligncenter size-full wp-image-51124\"><\/a><br>\nInterestingly, the use of these more advanced tools is not dependent on the number of sites within the network or the size of the company \u2013 it is a direct reflection of the presence of a dedicated cybersecurity specialist whose role is entirely focused on cyber-defense. Evidence of showed 65% of companies surveyed who had a dedicated cybersecurity specialist used SD-WAN, 53% used SIEM and 50% used XDR. On the upside, only 2% of organizations with multi-site networks lacked of these tools.<\/p>\n<h3>Shared responsibilities:<\/h3>\n<p>Although staff from the HQ said they play a key role in supporting IT teams at local sites (in 69% of geo-distributed companies), local staff (58%) and third-party providers (43%) also made a big contribution in supporting local IT and information security processes.<\/p>\n<p>When it comes to problem resolution, the picture hardly changed: staff from HQ carry the responsibility in 63% of companies, local staff in 58%, and third-party providers in 39% of businesses.<\/p>\n<h6 style=\"text-align: center;\">Who is involved in supporting IT and information security processes at local sites?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061527\/geo-distributed-businesses-research-2024-4.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061527\/geo-distributed-businesses-research-2024-4.jpg\" alt=\"\" width=\"2048\" height=\"1286\" class=\"img-big aligncenter size-full wp-image-51125\"><\/a><\/p>\n<h6 style=\"text-align: center;\">When local IT network or security problems arise, who is responsible for resolving them?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061542\/geo-distributed-businesses-research-2024-5.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061542\/geo-distributed-businesses-research-2024-5.jpg\" alt=\"\" width=\"2048\" height=\"1286\" class=\"img-big aligncenter size-full wp-image-51126\"><\/a><\/p>\n<h2>Network problems encountered while maintaining multi-site infrastructure<\/h2>\n<hr>\n<h3>Connecting new sites<\/h3>\n<p>Bringing new sites online and making them part of a coherent network infrastructure was regarded by 82% of those driving network security as \u201cvery or fairly fast and easy\u201d. And those in more senior network security specialist roles were more confident that they could integrate new sites quickly and easily (85% C-suite CIS).<\/p>\n<h6 style=\"text-align: center;\">How would you describe the speed and ease of connecting new sites to your organization\u2019s network?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/05203146\/1-How-would-you-describe-the-speed-and-ease.png\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/05203146\/1-How-would-you-describe-the-speed-and-ease.png\" alt=\"\" width=\"2048\" height=\"1292\" class=\"img-big aligncenter size-full wp-image-51127\"><\/a><br>\nThe most typical IT and IT Security issues encountered when connecting new sites to a network were the implementation of a consistent IT security policy (48%) and maintaining traffic quality in existing structures (46%). Adequate bandwidth of communication channels and the reliability of hardware configurations were problems indicated by 39% of them.<\/p>\n<h6 style=\"text-align: center;\">What are the typical IT and IT Security issues you face (whether these are easy to resolve or not) when connecting new sites to your network?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061613\/geo-distributed-businesses-research-2024-7.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061613\/geo-distributed-businesses-research-2024-7.jpg\" alt=\"\" width=\"2048\" height=\"1014\" class=\"img-big aligncenter size-full wp-image-51128\"><\/a><br>\nIt is noteworthy that those who reported bringing new sites online is complex and slow were significantly less likely to experience issues with employees physically accessing the branch infrastructure on a regular basis (29% vs 36% of those saying \u201cfast and easy\u201d).<\/p>\n<h3>Supporting existing infrastructure<\/h3>\n<p>Once the networks have been brought online, problems related to the multi-site structure of organizations are common: 40% of surveyed companies experienced these difficulties worldwide at least twice a month.<\/p>\n<h6 style=\"text-align: center;\">How often do you encounter network problems related to the multi-site structure of your organization?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061627\/geo-distributed-businesses-research-2024-8.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061627\/geo-distributed-businesses-research-2024-8.jpg\" alt=\"\" width=\"2048\" height=\"1014\" class=\"img-big aligncenter size-full wp-image-51129\"><\/a><br>\nThe most common problem was network failures or outages (55%). Loss of connectivity was experienced by 45% of respondents, and the same number (45%) experienced poor performance of services and applications. More than half (54%) of those dealing with network outages faced this issue at least once a month, and as many as one in ten, once a week or more often.<\/p>\n<h6 style=\"text-align: center;\">What kind of network problems do you face on these occasions?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061640\/geo-distributed-businesses-research-2024-9.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061640\/geo-distributed-businesses-research-2024-9.jpg\" alt=\"\" width=\"2048\" height=\"748\" class=\"img-big aligncenter size-full wp-image-51130\"><\/a><br>\nWhen it comes to restoring their networks post-failure \/ outage, only 18% managed to reconnect in less than one hour, more than a third (34%) took at least two hours and more than one in ten (12%) needed a day or longer. Companies with dedicated network security specialists performed a little better (23% restored their networks within one hour), as did those with networks across more than five sites (22%).<\/p>\n<h6 style=\"text-align: center;\">How long does it typically take you to restore the network after a failure or an outage?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061655\/geo-distributed-businesses-research-2024-10.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061655\/geo-distributed-businesses-research-2024-10.jpg\" alt=\"\" width=\"2048\" height=\"1286\" class=\"img-big aligncenter size-full wp-image-51131\"><\/a><br>\nKeeping hardware up to date is essential to supporting network performance, yet nearly one third (31%) of companies said they did not exchange their routers and CPEs frequently, or that they had no formal replacement schedule at all. Only 41% ran annual replacement schemes for this type of hardware.<\/p>\n<h6 style=\"text-align: center;\">How are you managing the replacement of your routers \/ CPE (Customer Premises Equipment)?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061709\/geo-distributed-businesses-research-2024-11.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061709\/geo-distributed-businesses-research-2024-11.jpg\" alt=\"\" width=\"2048\" height=\"838\" class=\"img-big aligncenter size-full wp-image-51132\"><\/a><\/p>\n<blockquote><p><em>\u201cAs we can see, bringing new sites online is just the beginning of a complex journey for many geo-distributed companies. Not surprisingly, so are the challenges they often face further down the road: inconsistent security policies, network failures, and poor service performance. Given the importance of network infrastructure for modern businesses, any network downtime and IT issues carry a huge risk that can lead to reputational and financial losses. Fortunately, technologies like SD-WAN offer a solution to these challenges, a path already taken by many businesses.\u201d <\/em>\u2013 Maxim Kaminsky, Business Development Manager, Secure Access Service Edge, Kaspersky<\/p><\/blockquote>\n<h2>Protection from cyberthreats: is it equally effective in branch offices as it is at HQ?<\/h2>\n<hr>\n<p>A key issue with building a coherent strategy for information security in geo-distributed companies is the disparity between the levels of protection across all sites. Although the most sensitive data may be held centrally, access to the company network is clearly required from several locations, and these are typically not as well protected as HQ \u2013 creating security risks for the whole organization.<\/p>\n<p>In the study, fewer than four in ten (38%) were confident that all their locations are genuinely well protected. <em>Organizations in the MEA region placed greater emphasis on universally high levels of protection: here, 46% were sure that all of their sites are genuinely well protected. The opposite is true of companies in Russia, where only 20% felt this way.<\/em><\/p>\n<h6 style=\"text-align: center;\">In your view, how many of your locations are genuinely well protected from cyber threats?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/05203206\/2-In-your-view-how-many-of-your-locations.png\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/05203206\/2-In-your-view-how-many-of-your-locations.png\" alt=\"\" width=\"2048\" height=\"1292\" class=\"img-big aligncenter size-full wp-image-51133\"><\/a><br>\nThis can be driven by budgetary constraints, a lack of expertise, or the misconception that a lower level of protection will suffice for sites that play a secondary role in the company structure. As many as one in seven (14%) identified serious deficiencies with regards to protecting local business units from cyberthreats worldwide.<br>\n<br>\nLooking specifically at the differences in protection between HQ and local sites, just under half of respondents (47%) reported \u201cextremely high\u201d levels of information security for HQ, but only 29% believed this was implemented at local sites. Almost the same number (30%) said that information protection is \u201chigh, medium or low\u201d (as opposed to \u201cvery or extremely high\u201d) for non-HQ locations, pointing to potentially very costly shortfalls. <em>The greater emphasis on network security in MEA was evident again, with 54% reporting \u201cextremely high\u201d levels of information security for HQ, and 35% for all other locations, in stark contrast to Russia, where only 28% reported \u201cextremely high\u201d levels of NIS for HQ sites and 16% for other locations.<\/em><\/p>\n<h6 style=\"text-align: center;\">How would you evaluate the level of information security for your HQ and for your other locations?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061737\/geo-distributed-businesses-research-2024-13.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061737\/geo-distributed-businesses-research-2024-13.jpg\" alt=\"\" width=\"2048\" height=\"560\" class=\"img-big aligncenter size-full wp-image-51134\"><\/a><br>\nRespondents said monitoring non-HQ locations for cybersecurity-related events is most often shared between HQ and local teams (60%) but is almost never assigned to local staff (3%), indicating a lack of local expertise driven by staff shortages and lack of qualifications. In 37% of cases, staff from HQ said they are responsible for all monitoring activities. <em>Companies in MEA also placed most emphasis on HQ staff monitoring other network information security events at all the business\u2019 locations (44%), whilst only 30% of companies in the Americas and Russia assigned this responsibility firmly to HQ staff.<\/em><\/p>\n<h6 style=\"text-align: center;\">Does HQ staff monitor what is happening in the other locations regarding alerts, telemetry and other information, or is this a shared responsibility?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/05203224\/3-Does-HQ-staff-monitor-what-is-happening.png\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/05203224\/3-Does-HQ-staff-monitor-what-is-happening.png\" alt=\"\" width=\"2048\" height=\"1292\" class=\"img-big aligncenter size-full wp-image-51135\"><\/a><\/p>\n<h2>IT development challenges<\/h2>\n<hr>\n<p>The vast majority of companies with multi-site networks had in-house IT development (94%).<\/p>\n<h6 style=\"text-align: center;\">What is the set-up of the IT development team in your organization?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061805\/geo-distributed-businesses-research-2024-15.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061805\/geo-distributed-businesses-research-2024-15.jpg\" alt=\"\" width=\"2048\" height=\"660\" class=\"img-big aligncenter size-full wp-image-51136\"><\/a><br>\nOver half (53%) deployed remotely and 40% had IT development staff at locations outside of HQ.<\/p>\n<h6 style=\"text-align: center;\">Where do you host your data and code?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061817\/geo-distributed-businesses-research-2024-16.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061817\/geo-distributed-businesses-research-2024-16.jpg\" alt=\"\" width=\"2048\" height=\"748\" class=\"img-big aligncenter size-full wp-image-51137\"><\/a><br>\nThose with remote or regionally-based IT developers were most likely to host data and code in a private cloud (64%) or a hybrid solution (58%), and 88% took a DevSecOps approach to increase security levels for their release cycle.<\/p>\n<h6 style=\"text-align: center;\">Does your company use a container development method?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/05203241\/4-Does-your-company-use-a-container-development-method.png\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/05203241\/4-Does-your-company-use-a-container-development-method.png\" alt=\"\" width=\"2048\" height=\"1286\" class=\"img-big aligncenter size-full wp-image-51138\"><\/a><\/p>\n<h6 style=\"text-align: center;\">Do you use any cybersecurity solutions for container and\/or cloud protection?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061846\/geo-distributed-businesses-research-2024-18.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/04\/30061846\/geo-distributed-businesses-research-2024-18.jpg\" alt=\"\" width=\"2048\" height=\"660\" class=\"img-big aligncenter size-full wp-image-51139\"><\/a><br>\nThe research also showed that container development is a well-established approach for increasing security, with 79% of companies operating across multiple sites using this method, but one in five (21%) of those using container development use this approach without a container security solution. Cloud security was a more common approach with 71% of respondents opting for this, whilst cloud workloads security was used by 46%.<\/p>\n<h6 style=\"text-align: center;\">Has your organization experienced any of these cybersecurity incidents related to containers and\/ or Kubernetes in the last 12 months?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/21111715\/geo-distributed-businesses-research-2024-19.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/21111715\/geo-distributed-businesses-research-2024-19.jpg\" alt=\"\" width=\"2048\" height=\"1370\" class=\"img-big aligncenter size-full wp-image-51140\"><\/a><br>\nAlarmingly, 85% of those using container development methods said they have experienced cybersecurity incidents related to containers and\/ or Kubernetes in the last 12 months. Around one third of these incidents were errors in configuration (34%), malware in the containers (32%) and cyber incidents during runtime (32%) creating serious system vulnerabilities.<\/p>\n<h6 style=\"text-align: center;\">What were the consequences of these cybersecurity incidents for the organization?<\/h6>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/21111700\/geo-distributed-businesses-research-2024-20.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/05\/21111700\/geo-distributed-businesses-research-2024-20.jpg\" alt=\"\" width=\"2048\" height=\"1370\" class=\"img-big aligncenter size-full wp-image-51141\"><\/a><br>\nThe consequences of such incidents are very serious. More than one third (39%) reported a leak of confidential data, and 38% said the incident resulted in significant commercial damage, such as a drop in share value and a decline in sales. Customer trust was undermined for 34% of companies that experienced such cybersecurity breaches, and 32% said their company\u2019s reputation suffered.<\/p>\n<p>Recognizing the need for a more secure environment for their IT development, over half (56%) of those currently not using it are planning to shift to a container development set-up, with the vast majority (85%) planning to install a container security solution.<\/p>\n<blockquote><p><em>\u201cCloud migration and containerization is a winning combination for modern business due to processes acceleration, costs reduction, performance improvement, and much more. However, containerization can be hit and miss, and also offers potential severe consequences for both your business and reputation. Risks arise in each of the key components of container infrastructure and vary from a harmless failure of a single container, to malicious intrusion into company infrastructure \u2013 even with root privileges. To mitigate cloud migration risks, it is crucial to build comprehensive cloud workload security that will cover the entire infrastructure. Kaspersky Cloud Workload Security ecosystem that will be launched soon, will incorporate best protection practices for containerized environments, and deliver mature protection for your hybrid cloud infrastructure, while unique technologies save your private cloud computing resources.\u201d<\/em> \u2013 Timofey Titkov, Head of Cloud &amp; Network Security Product Line, Kaspersky<\/p><\/blockquote>\n<h2>Conclusion<\/h2>\n<hr>\n<p>Managing networks across multiple sites brings its own challenges and, although most companies seem confident that they are well equipped to handle them, the amount of downtime caused by network outages and failures, the time it takes to restore them, and the number of reported cyber incidents paint a different picture.<\/p>\n<p>Although the initial process of integrating new sites into a network infrastructure may seem straightforward, maintaining network integrity has proven to be an ongoing struggle for many companies, with frequent outages and performance issues. Swift recovery post-failure remains a pressing need, alongside the imperative of keeping hardware up to date, as issues could lead to financial and reputational losses. These findings underscore the critical importance of advanced solutions like SD-WAN to navigate the complexities of modern network management effectively.<\/p>\n<p>A pressing issue in geo-distributed is the disparity of protection against cyberthreats between HQ and branch locations. This discrepancy could be due to factors such as budgetary constraints, expertise availability, and differing perceptions of site importance. But the allocation of responsibility for monitoring cybersecurity events highlights a common reliance on HQ teams, indicating a potential shortage of local expertise. Addressing these disparities is crucial to safeguarding the entire organization against cyber threats effectively.<\/p>\n<p>With the increasing popularity of container development, new issues are arising. Most companies operating across multiple sites rely on in-house IT development, often deploying remote IT teams. These companies commonly opt for private cloud or hybrid solutions and adopt a DevSecOps approach to enhance security throughout the release cycle. Even though these companies using plan to increase security, a concerning number of them lack adequate security solutions, leading to a high incidence of cybersecurity incidents. Therefore, it is crucial to acknowledge the potential risks inherent in cloud migration and containerization and to adopt comprehensive cloud workload security systems to mitigate these risks effectively.<\/p>\n<p>Additional vigilance required to prevent cybersecurity breaches across complex, geo-distributed networks can only translate into effective network and information protection if it can rely on the right tools: leading edge security solutions that enable<\/p>\n<ul>\n<li>comprehensive monitoring, prevention and resolution of network security threats for the entire company<\/li>\n<li>effortless communication across sites to enable proactive policy development and implementation<\/li>\n<li>support for teams able to cooperate without barriers across all sites.<\/li>\n<\/ul>\n<h2>List of recommendations:<\/h2>\n<hr>\n<ul>\n<li>To build reliable networks, maintain geo-distributed businesses, and connect new branches with a zero-touch experience use a specialized solution like <a href=\"https:\/\/kas.pr\/85k4\" target=\"_blank\" rel=\"nofollow noopener\">Kaspersky SD-WAN<\/a>. It manages the entire corporate network from a single console, and converges separate communication channels and network functions of companies.<\/li>\n<\/ul>\n<ul>\n<li>Use centralized and automated solutions such as <a href=\"https:\/\/kas.pr\/ejj5\" target=\"_blank\" rel=\"nofollow noopener\">Kaspersky Next XDR Expert<\/a> for comprehensive cyber protection of all company assets and processes both in HQ and local offices. By aggregating and correlating data from multiple sources in one place and using machine learning technologies, this solution provides effective threat detection and fast automated response.<\/li>\n<\/ul>\n<ul>\n<li>To protect containerized environments, use specialized solutions for container security, such as <a href=\"https:\/\/kas.pr\/1mok\" target=\"_blank\" rel=\"nofollow noopener\">Kaspersky Container Security<\/a>, designed to provide security for all stages of containerized application development. It can be the first step of implementing complex DevOps and cloud security solution like an upcoming <a href=\"https:\/\/kas.pr\/6q5t\" target=\"_blank\" rel=\"nofollow noopener\">Kaspersky Cloud Workload Security<\/a>. The ecosystem provides comprehensive protection of customers\u2019 cloud infrastructure: hosts, virtual machines, instances in clouds, containers and Kubernetes; reduces costs and resource consumption.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>How geo-distributed companies manage their networks and provide effective data protection across the board.  <\/p>\n","protected":false},"author":2706,"featured_media":51142,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[],"class_list":["post-51116","page","type-page","status-publish","has-post-thumbnail"],"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/geo-distributed-businesses-research-2024\/"}],"acf":[],"banners":"","is_landing":true,"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/pages\/51116","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=51116"}],"version-history":[{"count":21,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/pages\/51116\/revisions"}],"predecessor-version":[{"id":51274,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/pages\/51116\/revisions\/51274"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/51142"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=51116"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=51116"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}