Cybersecurity

Survey: 85% of CISOs admit to sacrificing cybersecurity to enable WFH setup

Every fourth organization admits that they are aware of being exposed to more risks now than before the pandemic, cybersecurity vendor Newtrix reveals in its latest survey. Of them, 63% reported an increase in the frequency of cyberattacks and 60% found new security gaps as a result of the transition to remote work.

Newtrix’s “2020 Cyber Threats Report,” summarizes feedback from 937 IT professionals worldwide about the recent cyber threats they have faced and how quickly they were able to respond. The online survey was conducted June 2020 to understand how the pandemic and ensuing work-from-home (WFH) initiatives changed the IT risk landscape.

What the company finds worrisome is that 85% of CISOs (chief information officers) said that they had sacrificed cybersecurity to quickly enable remote work — and that’s just those who admitted it. Having employees work from home makes it extremely difficult for 54% of CISOs to lacking the visibility needed to ensure proper data protection.

APT groups actively target Linux-based workstations and servers

MVP Group launches group-wide Cybersecurity Council

“Now that we are all more comfortable with the new normal, IT and security pros should re-examine their earlier decisions with the goal of closing security gaps,” said Steve Dickson, CEO of Netwrix. “This requires identifying sensitive information and reducing its exposure, gaining visibility into user activity, and automating change and configuration auditing to ensure rapid incident detection.”

Improper data sharing

Organizations were asked to list the incidents they have experienced since the transition to remote work and the most common threat patterns were dependent on the human factor: phishing (48%), admin mistakes (27%), and improper data sharing by employees (26%).

The survey also discovered that 25% of the respondents reported suffering ransomware or other malware attacks during the first three months of the pandemic with 47% of them were able to spot it in minutes.

External factors are not the only things that companies have to deal with because the survey found that 14% of organizations encountered data theft by employees and now 66% are anxious about this scenario, compared to just over half pre-pandemic.

Supply chain compromises took the longest to detect: 55% said they needed days, weeks, or even months to flag these incidents. While the report also found that there are relatively few organizations that experienced supply chain attacks more than half of them failed to identify and mitigate the incident quickly.

About 66% of the IT professionals surveyed regularly report to their executive leadership on the state of cybersecurity.