Study reveals 80% of organizations plan to have employees working from home, but security strategies lag behind
Tenable®, Inc, the Cyber Exposure company, published a global study that revealed 71% of organizations in India attribute recent business-impacting cyberattacks to vulnerabilities in technology put in place in response to the pandemic. The data is drawn from ‘Beyond Boundaries: The Future of Cybersecurity in the New World of Work,’ a commissioned study of more than 1,300 security leaders, business executives and remote employees worldwide, including 92 responses in India, conducted by Forrester Consulting on behalf of Tenable.
The study found a stark contrast between Indian organizations’ plans for a hybrid work model and the reality of securing it. Eighty percent of Indian organizations plan to have employees working from home at least once a week in the next 12-24 months, while 63% plan to make a permanent move to remote work over the next two years. But, an alarming 53% of security and business leaders expressed concerns that their organizations are only somewhat or not prepared at all to secure their workforce strategy.
Specific challenges about supporting a remote workforce include the lack of employee awareness to secure home networks and personal devices (53%) and visibility into employee security practices (56%). To further compound matters, a meagre 29% felt that they have enough staff to adequately monitor the attack surface. It’s clear that organizations need to eliminate blindspots by shoring up their defenses to support the next phase of their workforce model.
Impact of an atomised attack surface
The study also found that the fast deployment of new technologies to facilitate remote work heightened the level of risk for Indian businesses. In the past year, a staggering 88% of Indian organizations experienced a business-impacting cyberattack, with 56% of respondents indicating that the attacks targeted remote workers. It comes as no surprise that, as organizations adopted new technologies to embrace remote work, their software supply chain expanded. Sixty-three percent of security leaders attributed recent attacks to a third-party software vendor compromise – underscoring the need for greater visibility into the atomised attack surface.
“The future of work is without perimeters and organizations must be prepared to secure their new reality,” said Kartik Shahani, country manager at Tenable India. “It’s more important than ever for business and security leaders to lock arms and weave cybersecurity into the fabric of their organizations’ digital infrastructure. Organizations must rethink their approach to understanding and managing cyber risk in the new world of work.”
Hybrid work models and a digital-first economy have brought cybersecurity front and centre as a critical investment that can make or break short- and long-term business strategies. To address this demand, Indian security leaders plan to increase cybersecurity investments in vulnerability management (92%), cloud infrastructure and platforms (84%) and identity access management (66%).