Remote workforce has made business resilience and operations easier. Businesses have reshaped strategies and are now moving forward like a well-oiled machine. They have tried their best to even secure the extended periphery of cybersecurity to the endpoints of the remote workforce. However, with the battle against COVID-19 not seeming to end any time soon and with many businesses being bootstrapped to continue its operations, reports suggest cybersecurity is going on the back burner instead of being in the driver’s seat.
According to a Barracuda report, Singapore, which ranks in the top 5 for the most prepared in cybersecurity readiness, is also feeling complacent with more than half (51%) of the businesses saying that cybersecurity is now a secondary consideration despite the sharp rise in the number of threats to the remote workforce.
- 43% of Singapore organizations have cut their cybersecurity budgets to save costs as they responded to the pandemic.
- 39% lacked IT resources or time to upgrade their IT infrastructure in the shift to a remote working model.
- 48% of respondents said their employees are not properly trained in the cyber risks associated with remote working.
- 80% plan to provide improved online cybersecurity training and awareness for remote working staff.
Causes for Complacency
The report revealed that more than complacency, it was the shoestring budget that turned out to be the key factor in this case. The findings showed that 43% of Singapore businesses and organizations cut their cybersecurity budgets to save costs while responding to the pandemic. Additionally, 39% of the businesses had inadequate IT resources or little to no time to upgrade their IT infrastructure in the shift to a remote working environment. This highlights that spending on critical controls needs prioritization in the budget discussions held across various board rooms. Organizations can consider consolidating cybersecurity measures by investing in specialized third-party vendors, adopting SaaS-based tools, or assessing how automation could help free budget and resources for security.
The Need for Added Protection
Employees are often more distracted when working remotely and couple that with a lack of protection on BYOD devices and networks, it makes them more susceptible to cybersecurity attacks. Singapore also reported staggering numbers when it came to reporting cyber incidents. Nearly 51% of the organizations surveyed reported a minimum of at least one data breach or cybersecurity incident since the shifting to remote work. Of these, 51% reported that email phishing attacks was the primary source of attacks, which also emphasizes the need of additional security training for remote workers as human is generally considered as the weaker link in the cybersecurity chain.
Talking about training, 48% of Singapore respondents said their employees are underprepared or not properly trained in the cyber risks associated with remote working. In addition to this, 50% said they lacked confidence in the security of their web applications, which is another major target for malicious actors seeking access to corporate networks and data.
The Silver lining
The good news, however, is that most Singapore decision makers are already aware of the problems related to the cybersecurity posture of their remote workforce. This brings clarity and makes the job easier for them to design steps for improvement.
88% of the respondents said that they will need to upgrade their IT infrastructure to improve visibility and productivity, while 85% already knew that cross-industry collaboration was key to improving security standards. Additionally, for being better prepared, 80% respondents were planning to provide improved online cybersecurity training and awareness for remote working staff.