The longer spell of remote working has led to more concerns about the capability of tools along with an acceptance of the importance of cybersecurity to the business.
According to the research of 2600 businesses by Cisco, two-thirds (62%) of respondents said more than half of their workforce were working remotely, with 85% saying that cybersecurity is now extremely important or more important than it was before the pandemic.
Secure access was determined as the top cybersecurity challenge faced by the largest proportion of organizations (62%) when supporting remote workers. Other concerns raised by organizations globally included data privacy (55%) and maintaining control and enforcing policies (50%).
Oliver Tavakoli, CTO at Vectra, said the initial flurry of adding security in to cover remote working use cases in March/April when employees were first sent home was when “many of those changes were held together with duct tape and bailing wire and were not intended for the long haul.”
He added: “As it becomes evident that the WFH model is going to be with us well into 2021 and there is a sense that many companies will not return to a pre-pandemic models of almost everyone working from an office all the time, longer-term and more sustainable investments into how employees connect to applications are being undertaken. Zero-trust and a bias toward cloud-native delivery of applications have become central to that direction.”
Daniel Norman, senior solutions analyst at the Information Security Forum, said the COVID-19 pandemic has highlighted particular shortcomings across the technical responses for many organizations. “Many multi-nationals’ technical crisis management and business continuity plans were inadequately positioned to enable a secure remote working environment for a global workforce, and those that have made the adaptations have been rushed and ad hoc,” he said.
“Many organizations prioritized productivity and operational success over security and privacy. At the start of the pandemic “keeping the lights on” was a frequently used strategy – however, over time, overdependency on untested technologies, new vulnerabilities in systems, poorly constructed policies and a lack of training for a remote workforce has meant that organizations are facing a deluge of cyber-threats, alongside an emergence of cyber-risks from their own workforce.”
The Cisco research also found that 61% of respondents stated their organizations experienced a jump of 25% or more in cyber-threats and alerts since the start of COVID-19. Norman said: “Training a remote workforce to manage emerging cyber-risks is also a challenge to do well. Remote working will likely never go away now, with many individuals preferring remote work to office work, so organizations face a choice – invest now and secure the crumbling infrastructure and fatigued workforce, or risk compromise.”
Commenting on why he felt cybersecurity is “more important” to businesses now than before the pandemic, Hank Schless, senior manager, security solutions at Lookout, said: “Everyone’s approach to cybersecurity architecture has changed forever. When every employee started working from home, organizations had to quickly scale their security to protect each home as a remote office. When this change first happened, many IT and security teams relied heavily on VPN to ensure secure access to corporate resources. However, what they soon realized was that creating a secure connection wasn’t enough in case the device itself was compromised.”
Tavakoli said it was important before, it is important now and will be important in the future. “The main thing to keep in mind is that when the way in which you utilize IT undergoes a dramatic shift, your cybersecurity strategy needs to follow.”
The Cisco survey found 60% of respondents are moderately or very concerned about the privacy protections associated with the tools they are using to support remote interactions, while half of the respondents do not feel that businesses can effectively protect their data today.
Schless said: “Without the visibility and conditional access capabilities of a modern endpoint protection tool, this could lead to a threat actor mistakenly being introduced into the corporate infrastructure. As a result, the security perimeter needs to be extended to every endpoint including iOS, Android and Chrome OS devices.”