A new cybersecurity report surveyed 937 IT professionals worldwide about the recent cyber threats they have faced and how quickly they were able to respond. Netwrix conducted this online survey to understand how the pandemic and ensuing work-from-home (WFH) initiatives changed the IT risk landscape. The survey revealed that every fourth organisation feels that they are exposed to more risks than before the pandemic. Of them, 63% reported an increase in the frequency of cyberattacks and 60% found new security gaps as a result of the transition to remote work. What is more worrisome is that 85% of CISOs said that they had sacrificed cybersecurity to quickly enable remote work.
Organisations were asked to list the incidents they have experienced since the transition to remote work; the most common threat patterns were dependent on the human factor: phishing (48%), admin mistakes (27%) and improper data sharing by employees (26%).
The majority of the threats and weaknesses listed in the survey aren’t new. Work from home scenarios have, however, increased the likelihood of incidents by increasing the attack surface of organizations due to remote working conditions. In a way, the pandemic is a blessing in disguise for security—you see, security and resilience of VPN systems wouldn’t have been tested to such a degree otherwise.
It’s understandable that 85% of CISOs have sacrificed security in order to enable remote work under these circumstances. Between business survival and security, survival clearly takes precedent. I would predict that a similar survey taken in 3-6 months from now would produce a more optimistic outlook regarding security posture within organizations.
Phishing does remain the top attack method due to its success being equal among remote workers and those working in an office environment. In other words, the pandemic hasn’t changed much for phishers.
Measuring the effectiveness of security controls is a well-known issue. This is reflected within organisational metrics. The ROI appears to be the least popular metric of those listed within the report. This is understandable due to the lack of industry accepted models in which to measure the ROI of security products and services.
A lack of visibility is also not a novel problem. Gaining full visibility into all applications within an organisation isn’t a simple task. Tracking applications, classifying them by business criticality, patching applications, as well as monitoring take quite a bit of effort. It is my hope that the concerns that have emerged this year around lack of visibility will compel organisations to work to resolve this issue.