Only half of organizations reviewed security policies due to the pandemic: Study
New research suggests that only half of organizations worldwide reviewed their cybersecurity policies when COVID-19 hit.
The COVID-19 pandemic prompted a rapid shift to working from home. Whereas organizations would often have their employees in the office -- and, therefore, access to corporate resources was more centralized there -- the need to provide remote options also increased the potential attack surface.
Virtual private network (VPN) usage is customary for remotely connecting to company systems. However, the pandemic prompted the more widespread use of personal PCs and handsets with varying levels of security -- and reliance on video conferencing tools and emails also caused headaches for security teams.
According to research published on Tuesday by the Ponemon Institute, on behalf of Intel, the global enterprise will spend roughly $172 billion on cybersecurity this year. However, only 53% of respondents said they refreshed their existing strategies due to the pandemic -- and this could indicate a disconnect between spending the cash and applying it correctly to the modern workplace.
When changes were made to existing policies, they were driven by factors including remote working demands, supply chain failures, increased cyberattack rates, and employee turnover.
In total, 59% of organizations surveyed in the research said their cybersecurity practices are "innovative," at least when it comes to threat detection, followed by 51% who believe they are innovative in how technology investments are made.
The pandemic has created what could become a permanent hybrid workforce. Enterprise organizations have recognized this requires a shift in investments, with remote work, artificial intelligence (AI), and automation becoming top priorities.
85% of respondents said that hardware & firmware-based security solutions are now a "high" or "very high" priority when it comes to security solution applications. In addition, 64% of those surveyed said that their companies were trying to boost security at the hardware level, with cloud, data centers, edge computing, and security operations centers (SOC) in mind.
The integration of zero-trust strategies is also on the table for enterprise players. As the pandemic continues to impact businesses worldwide, 75% of survey respondents said they have an increased interest in adopting zero-trust access and privilege frameworks.
See also
- OpenSSH now defaults to protecting against quantum computer attacks
- A Winning Strategy for Cybersecurity
- Bosses think that security is taken care of: CISOs aren't so sure
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0