A research from cybersecurity solutions provider Netwrix revealed the responses of several security leaders globally about the current cyberthreat scenario and how the pandemic and remote working conditions changed their security landscape. The research “2020 Cyber Threats Report” revealed that every fourth organization is concerned that they are exposed to more cyberattacks than before the pandemic.
Surprisingly, 85% of CISOs admitted that they had sacrificed cybersecurity due to a sudden shift to remote work conditions. While 63% reported an increase in the number of cyberattacks, 60% said they found new security gaps due to the distributed work environment. Phishing (48%), admin mistakes (27%), and improper data sharing by employees (26%) are reported as the most common cyberthreats since the transition to remote working.
Other findings include:
- 25% reported suffering a ransomware or other malware attack during the first three months of the pandemic, while 47% were able to spot it in minutes.
- Though only 14% of organizations encountered data theft by employees, 66% are anxious about this scenario, compared to just over half, pre-pandemic.
- Supply chain compromises took the longest to detect; 55% needed days, weeks or even months to flag these incidents.
- 54% of CISOs admit to lacking the visibility needed to ensure proper data protection.
- 66% of the IT professionals surveyed regularly report to their executive leadership on the state of cybersecurity. The most common measure used is incident statistics; less than a quarter of respondents calculate financial metrics for their security projects.
The research findings are based on the responses from 937 security decision makers working globally.
Steve Dickson, CEO of Netwrix, said, “The broad disruption to businesses and swift transition to work-from-home caused by the pandemic forced many organizations to prioritize service availability over security. Now that we are all more comfortable with the new normal, IT and security pros should re-examine their earlier decisions with the goal of closing security gaps. This requires identifying sensitive information and reducing its exposure, gaining visibility into user activity, and automating change and configuration auditing to ensure rapid incident detection.”