When the global COVID-19 pandemic forced the world into lockdown mode, it’s safe to say cybercriminals were more prepared than the rest of us. Practically overnight, we were forced to learn, shop, socialize, and more online at home. A vast majority of us started working from home, which opened up a whole new set of challenges for corporate IT & security teams. Many of these challenges centered around the quick pivot required to enable a remote workforce to work securely. Criminals wasted no time taking advantage of the shift; data breaches, account takeover attacks, and malware campaigns skyrocketed.
With that in mind, SpyCloud partnered with Cybersecurity Insiders to examine the latest threats to remote workers, the key challenges of securing a remote workforce, how cybersecurity teams are responding, and how long-term remote work will color their investment priorities moving forward.
The 2021 Remote Workforce Security Report reveals the current state of cybersecurity at widely distributed organizations. It finds certain threats rising to the forefront of security practitioners’ minds, and some that aren’t yet at the top of the priority list but present significant, and perhaps under-appreciated, dangers to corporate assets and IP.
Key findings include:
Only 22% of organizations confirm that they were fully prepared for the massive shift to remote work from a security perspective.
90% of organizations believe they will continue to support increased work from home capabilities, yet they think much of the responsibility for securing the remote workplace is shifting to the individual employee.
Organizations are facing increased security support questions about phishing attempts (63%), suspicious two-factor authentication attempts (31%), and reports of malware on devices (27%).
Employees remain resistant to security protocols including mobile device management, MFA, VPN, file encryption, and password managers.
As you’d expect, year over year, there have been significant shifts in the threat vectors facing remote workers. Of particular note to us is the rise in phishing attempts, malware and malicious websites. A common thread throughout much of the study is the increased use of personal, unsecured devices to access corporate applications, and the risk of data leakage presented by a habit so difficult to stop – especially when 55% of organizations allow it.
Remote work is not going away anytime soon. Download the report today to examine what your peers think about the ongoing threats and vulnerabilities faced by enterprises today, and where you might need to shore up your defenses for the future. Let’s not mince words–for the foreseeable future, remote work is the new normal.
And yet, even when in-person work activities resume, the many extra accounts created to navigate our work life online will linger, and a breach of one neglected app or website can continue to endanger users and their employers. While you’re thinking about prioritizing security needs for 2021 and beyond, check your company’s breach exposure & see if solving for compromised credentials might need to move up a few bullets on your annual plan.