Attackers are seizing on vulnerabilities in hybrid working environments, creating more work – and also larger budgets – for security teams, despite organisations accelerating digital transformation projects.
The latest State of Security Report from Infblox, which surveyed 100 UK respondents in IT and cybersecurity roles in the UK as part of its global sample, discovered that the recent surge in remote work has changed the corporate landscape significantly.
In fact 64% of UK organisations have accelerated digital transformation projects in order to support remote workers since 2020. This is higher than the global (52%) average.
As part of this shift just under half (49%) of organisations have increased customer portal support for remote engagement and 43% have added resources to their networks and data basis. Given that over a third (34%) have close their physical offices for good, this investment may prove to be a strong strategic move.
Cybersecurity still causing headaches
An increased digital footprint inevitably brings increased digital risk and the reality of a hybrid workforce is causing headaches for IT teams and business leaders. The data reveals that the loss of direct security controls and network visibility has half (50%) of UK companies more concerned about data leakage than anything else. Almost as many (45%) are worried remote worker connections will come under attack.
It appears that organisations have good reason to worry, given the report found that 61% experienced up to five security incidents in the last year. However, there is some good news: 66% report that these incidents did not result in a breach. This may be because 73% were able to detect and respond to a security incident within 24 hours.
Of the 44% reporting a breach, insecure WiFi access (47%) was the biggest cause. The data also suggests that UK workers are continuing to fall for phishing scams. In fact 4 in 5 (82%) breaches reported in the last 12 months were caused by this attack method. Phishing usually signals the need for or failure of employee and customer security awareness training that require technological backstops
Defense in depth
Infoblox’s report discovered that the majority of organisations are investing heavily in security tools to protect their hybrid environments. In fact, 59% of respondents saw bigger budgets in 2021 and 64% anticipate an increase in 2022.
Many are turning to defense-in-depth strategies, using everything from data encryption and network security to cloud access security brokers and threat intelligence services to defend their expanded attack surface. As part of this, almost half of organisations (47%) are relying on DNS (Domain Name System) to block back traffic.
“The pandemic shutdowns over the past two years have reshaped how companies around the world operate,” said Anthony James, VP of Product Marketing at Infoblox. “Cloud-first networks and corresponding security controls went from nice-to-have features to business mainstays as organisations sent office workers to work from home. To address the spike in cyberattacks, security teams are turning to DNS security and zero trust models like SASE for a more proactive approach to protecting corporate data and remote devices.”
The full report is available for download here.