85 percent of CISOs admit sacrificing security to enable remote working
While the pandemic has driven a shift to remote working, a new report from cyber security vendor Netwrix shows that that 85 percent of CISOs admit they've sacrificed cybersecurity to enable it to happen.
One in four organizations feels that they are exposed to more risks than before the pandemic. Of these, 63 percent report an increase in the frequency of cyberattacks and 60 percent have found new security gaps as a result of the transition to remote work.
A survey of over 900 IT professionals carried out in June finds that the most common threat patterns are dependent on the human factor. These include phishing (48 percent), admin mistakes (27 percent) and improper data sharing by employees (26 percent).
Among other findings, 25 percent report suffering a ransomware or other malware attack during the first three months of the pandemic, though 47 percent say they were able to spot it in minutes. Only 14 percent of organizations encountered data theft by employees, but 66 percent are anxious about this scenario, compared to just over half pre-pandemic.
Supply chain compromises took the longest to detect, with 55 percent needing days, weeks or even months to flag these incidents. This is echoed in the fact that 54 percent of CISOs admit to lacking the visibility needed to ensure proper data protection.
"The broad disruption to businesses and swift transition to WFH caused by the pandemic forced many organizations to prioritize service availability over security," says Steve Dickson, CEO of Netwrix. "Now that we are all more comfortable with the new normal, IT and security pros should re-examine their earlier decisions with the goal of closing security gaps. This requires identifying sensitive information and reducing its exposure, gaining visibility into user activity, and automating change and configuration auditing to ensure rapid incident detection."
You can get the full report from the Netwrix site.