The State of Sysadmin 2024: Cybersecurity findings

Rachel Bishop
Rachel Bishop|April 30, 2024
Security green
Security green

Earlier this year, we released our annual State of Sysadmin report, which offered the opinions, sentiments, and challenges of more than 1,600 sysadmins. With the growing complexity and frequency of cyberattacks, we wanted to dive deeper into what sysadmins are seeing on the cybersecurity front.

Check out the entire State of Sysadmin 2024 report — or keep reading for some interesting cybersecurity findings.

More devices, more p̶r̶o̶b̶l̶e̶m̶s̶ cyberattacks

Do more managed devices mean more cyberattacks? We assumed that would be the case, but we dug into our data to find out.

We asked respondents if they’d experienced a cyberattack in the last five years. We also asked them how many devices they manage (excluding servers). Here are those results.

cyberattacks and devices managed

Around 11 percent of organizations where our respondents report between 1 and 25 devices managed have experienced a cyberattack in the last five years. A whopping 39 percent of organizations where our respondents report 1,000 or more devices say they’ve experienced a cyberattack in the last five years.

How to use this data

It's no surprise that more devices could mean an increased risk of cyberattacks. After all, more devices mean a larger attack surface — more opportunities for bad actors to weasel into your environment.

But if you're a small business with fewer devices to manage, don't let your guard down. We might assume that larger businesses that may be more prone to cyberattacks also have the resources to get back up and running. Smaller businesses often lack those resources.

No matter the size of your business, it's a good idea to invest what you can in tools that can help you thwart an attack — or recover should the worst happen.

An organization’s cyber posture is only as strong as its weakest end user. (Sorry for the anxiety that sentence just gave you.) We wanted to see if more end users (AKA, more employees) meant increased cyber risk.

To answer that question, we compared two data points: the number of organizations that have experienced a cyberattack in the last five years and how many employees work at these organizations. The results are in the chart below.

cyberattacks and number of employees (1)

For the most part, as the number of employees grows, so does the likelihood that their organizations have recently suffered a cyberattack. The exception to the rule is organizations with 1 to 10 employees: They experienced more cyberattacks than orgs with up to 100 employees. Perhaps that’s because small companies often lack the IT resources to combat cyberattacks.

How to use this data

Based on our survey findings, if you work at a smaller business (between 1 and 500 employees), it’s slightly less likely that you’ve experienced a cyberattack in the last five years than if you work at a larger business. But if you’re in a really small business with 10 or fewer employees, don’t let management talk you out of critical cybersecurity measures just to save a few bucks. After all, you're at a higher risk than those organizations with 11 to 100 employees.

More end users mean more liabilities. If you work at a tiny — or a medium to large — business, make sure you’re taking as many steps as you can to reduce your attack surface. Provide cybersecurity training to your end users so they know how to do their part to keep your environment secure.

Mac-only fleets face fewer cyberattacks

In this year’s survey, we asked respondents about the types of devices in their fleets. We wanted to know how many folks have Macs, PCs, or both in their environments — and which types of environments experienced a cyberattack within the last five years. Below is that data.

mac vs pc

Just like Apple tried to convince you circa the early 2000s, our survey results show that fleets with only Apple devices tended to face fewer cyberattacks in recent years. Nearly a third of respondents who manage PC-only fleets report having experienced a cyberattack within the last five years.

But don’t be too quick to rejoice, key holders to Mac-only kingdoms. Malware can still make its way into your environment — so stay vigilant.

How to use this data

If you’re an Apple fan, feel free to use this data point as a bragging right. Tell all your PC-loving friends and colleagues that you actually get 8 hours of sleep every night. Brag on that week-long vacation you took last month. Canceled Taco Tuesday plans? Not on Apple’s watch.

But in all seriousness, if you’re a sysadmin who’s genuinely concerned about cybersecurity, take careful steps to secure the devices in your environment, whether they feature a fruity or four-panel logo.

If you’re just getting started and unsure whether you should implement Macs, PCs, or both in your environment, check out our blog: Mac vs. PC: What’s right for your business?

Invest in cybersecurity training

Our survey asked respondents how often they host cybersecurity training and what they predicted their budgets would look like in the next year. That dataset is below.

cyber training vs budget

Good news to uncover here: Of the respondents who predict a significantly growing budget in the next year, 28 percent will likely host monthly cybersecurity training. On the flip side, only 5 percent of those who expect their budgets to shrink significantly plan to host monthly cybersecurity training. Other respondents with budgets somewhere in between largely predict they’ll host cybersecurity training ad hoc, yearly, or quarterly.

How to use this data

If you expect your budget to grow, it’s a wise investment to put some of those dollars behind regular cybersecurity training for your employees. Even cybersecurity experts can use a refresher every now and then — not to mention poor Betty in accounting, who just can’t help but click every link she sees in an email.

More educated end users give you a leg up when it comes to thwarting the plans of threat actors.

Cyberattack preparedness

To end on a positive note, let’s talk about the level of preparedness for a cyberattack. When compared to last year’s survey results, more sysadmins report feeling at least somewhat prepared for a cyberattack this year. And sysadmins who report having experienced a cyberattack in recent years feel even more prepared than those sysadmins who scraped by without a cyber incident.

How to use this data

The unfortunate reality is that no cybersecurity tool can guarantee to prevent cyberattacks (and if a vendor does make that promise to you, they are lying). So, we move on to the next best thing: preparedness. It’s the key to minimizing the damage a cyberattack can cause.

Have an incident response plan in place — and a disaster recovery plan to get back up and running once you extinguish all the fires.

As a sysadmin, you’ve got a lot of plates spinning. From being ready to combat a cyberattack — to helping Jason, who’s locked himself out of his account (again) — you’ve got enough to deal with. But threat actors know that — and they’re primed and ready to exploit vulnerabilities in your environment to plant their foothold.

Streamline and simplify your vulnerability management program with PDQ Detect, which filters out the noise and highlights the vulnerabilities with the best chance of wreaking havoc. Try PDQ Detect free for 14 days.

Rachel Bishop
Rachel Bishop

A professional writer turned cybersecurity nerd, Rachel enjoys making technical concepts accessible through writing. When she’s not solving her Rubik’s cube, she’s likely playing a video game or getting wrapped up in a true crime series. She enjoys spending time with her husband (a former sysadmin now in cybersecurity) as well as her two cats and two birds.

Related articles