75% of CISOs surveyed state that since transitioning to working from home, they feel their organisation is at greater risk of cybersecurity attacks, and it’s only going to get worse.
An overwhelming percentage (75%) of CISOs consider their organisation to be at greater risk of a cybersecurity attack due to the transition to home working, with a third admitting they’ve taken their eye off the ball during these past 12 months losing track of leavers and devices, according to a new survey from BlueFort Security, a provider of cybersecurity solutions.
The study, which surveyed 600 CISOs from a variety of UK organisations, found that the combination of the COVID-19 pandemic, the resulting accelerated shift to digital, and the ongoing skills gap, have created a perfect cybersecurity storm leaving them more vulnerable to attacks than ever before.
A consequence of squeezed budgets and priorities has meant that 30% of CISOs have lost track of movers, joiners and leavers. Moreover, 29% have said they are missing corporate devices. Over a quarter (27%) of CISOs surveyed said gaps in staff cybersecurity awareness and knowledge have emerged, and the same percentage (27%) said the same of concerns regarding supply chain partner cybersecurity.
More than three quarters (77%) of CISOs admitted their business had experienced a cybersecurity incident in the last 12 months. This is despite the fact that almost the same percentage (74%) said their organisation had introduced additional cybersecurity measures due to remote working. Almost half (47%) said that mitigating cybersecurity threats had been their key priority and 41% prioritised identity and access management over the same period.
Looking to the future, once COVID restrictions have eased, 38% of CISOs expect their organisation to work in a hybrid way (between workplace and home). The direct impact of that is that the majority (85%) of CISOs believe managing cyber risk will become more complicated. For example, nearly half (44%) think their company should introduce rigorous enforcement of cybersecurity policies and sanctions to encourage tighter cybersecurity practices. Other reasons given include managing a remote workforce is more difficult (30%); the threat surface is more disparate and diverse due to hybrid or remote working (26%); it will be less clear where the end-points data is (24%), and there are more threats to worry about (20%).
On a positive note, almost 9 in 10 (89%) respondents stated that cybersecurity has become more of a priority to their Board in the last 12 months, and CISOs are investing in new technologies to help address these emerging challenges. 35% are looking at automation, 34% at machine learning, and the same percentage (34%) at network detection and response. 32% of CISOs are looking to deploy zero trust architecture and the same percentage (32%) said end-point detection and response. 27% of CISOs said they are looking to deploy AI.
Ian Jennings, co-founder of BlueFort Security commented: “The fact that CISOs have had a particularly tough time these past 18 months isn’t a surprise. What shocked me was the severity of the impact. It’s a sorry tale of a lack of visibility – of their infrastructure, their devices and their people – which has led to poor intelligence and restricted control. The positive takeaway from this is the recognition that new technology will play a significant role when it comes to redressing the balance.”
- Scaleup Spotlight: Climeworks is the key to fighting climate change
- How Wi-Fi6 will optimise hybrid working
- Which European countries have the best and worst cybersecurity?
- McAfee: How to make telehealth safer for a more convenient life online
About BlueFort Security
BlueFort Security was founded in 2007 by Dave Henderson and Ian Jennings at a time when the market was awash with generalist IT providers. With an exploding cybersecurity market, the BlueFort Team spotted a gap in the market. They founded a cybersecurity specialist that offers a select portfolio of technologies, together with highly flexible easy to access award-winning technical expertise and support.