Tenable the Cyber Exposure company, published a global study that revealed 71% of organizations in India attribute recent business-impacting cyberattacks to vulnerabilities in technology put in place in response to the pandemic. The data is drawn from ‘Beyond Boundaries:
The Future of Cybersecurity in the New World of Work,’ a commissioned study of more than 1,300 security leaders, business executives and remote employees worldwide, including 92 responses in India, conducted by Forrester Consulting on behalf of Tenable.
Key findings in respect to Indian organizations
The study found a stark contrast between Indian organizations’ plans for a hybrid work model and the reality of securing it. 80% of Indian organizations plan to have employees working from home at least once a week in the next 12-24 months.
63% plan to make a permanent move to remote work over the next 2 years. But, an alarming 53% of security and business leaders expressed concerns that their organizations are only somewhat or not prepared at all to secure their workforce strategy.
Specific challenges about supporting a remote workforce include the lack of employee awareness to secure home networks and personal devices (53%) and visibility into employee security practices (56%).
Six out of 10 security leaders indicate that the risk posed by employee home networks and personal devices has increased since the beginning of the pandemic. Without the ability to understand the device and the network, security leaders need to control user access. Visibility pose a major challenge for security leaders
29% surveyed felt that they have enough staff to adequately monitor the attack surface. It’s clear that organizations need to eliminate blindspots by shoring up their defenses to support the next phase of their workforce model.
Impact of an Atomised Attack Surface
The study also found that the fast deployment of new technologies to facilitate remote work heightened the level of risk for Indian businesses.
In the past year, a staggering 88% of Indian organizations experienced a business-impacting cyberattack, with 56% of respondents indicating that the attacks targeted remote workers. It comes as no surprise that, as organizations adopted new technologies to embrace remote work, their software supply chain expanded.
65% of security leaders attributed recent attacks to a third-party software vendor compromise – underscoring the need for greater visibility into the atomised attack surface. Compromises in third-party software vendors, underscoring the need for greater visibility into vendors’ security practices
79% of security and business execs feel it’s more important to have greater visibility into their organizations’ software vendors in light of recent attacks
“The future of work is without perimeters and organizations must be prepared to secure their new reality,” said Kartik Shahani, country manager at Tenable India. “It’s more important than ever for business and security leaders to lock arms and weave cybersecurity into the fabric of their organizations’ digital infrastructure. Organizations must rethink their approach to understanding and managing cyber risk in the new world of work.”
Hybrid work models and a digital-first economy have brought cyber security front and center as a critical investment that can make or break short- and long-term business strategies. To address this demand, Indian security leaders plan to increase cyber security investments in vulnerability management (92%), cloud infrastructure and platforms (84%) and identity access management (66%).
Future Road Maps:
Foundational investments in cybersecurity will be a priority in this new world of work. Organizations will be shoring up their defences to support the next phase of their workforce model, boosting investments across the board. Eight out of 10 security leaders say they will be increasing their spending for network and data security, while roughly three-quarters will spend more on vulnerability management and cloud security. Endpoint security and credential/identity access management will also get a budgetary boost, cited by 66% and 65%, respectively.
Challenges:
In response to the challenges presented by the pandemic, organizations migrated both business-critical and nonbusiness-critical functions to the cloud, while others added to their portfolio of third-party partners to meet immediate software needs.
Eight out of 10 security and business leaders indicate their organizations have more exposure to risk today as a result of both moving to a remote workforce model and migrating business-critical functions to the cloud in response to COVID-19-related challenges. 6 out of 10 report increased risk related to expanding their software supply chain.
(Image Courtesy: www.saberpoint.com)