Anthony James, VP of Product Marketing at Infoblox, provides an insight into Infoblox’s survey into the global state of security, including the impact of remote workers.
Today’s cybersecurity challenges are not that much different than from past years, with one slight twist – the attack surface has dramatically shifted. The pandemic forced us to rethink our IT environment as most users had no choice but to work remotely, relying on their residential Internet services. This dramatic shift didn’t give us any time to plan connectivity or security.
The result is that every user’s device can become a potential threat. But this article is not another discussion about the perils of working from home; it’s about understanding how this new paradigm affects the security thought process and what organizations have experienced concerning their security posture based on this new normal.
We recently commissioned a survey to understand the global state of security, including the impact of remote workers. It was completed with over 1,100 IT and cybersecurity decision-makers and influencer participants, covering 11 countries.
The participants also shed some insight into current threats and anticipated investments designed to prevent ransomware and other serious security concerns. Unsurprisingly, the report highlights that moving to a remote work environment contributed to an increase in security incidents, including data loss, ransomware and attacks via cloud services. The result of the survey is a summary of all respondents, as well as multiple regional/country-specific reports.
If you take the time to read all of the reports, you will find a commonality of tools most organizations invested in. VPN took the lion’s share of investments in the past 12 months. However, DDI and DNS technologies are growing in popularity. 41% deployed cloud-managed DDI (DNS, DHCP and IP management) servers as security controls. When hunting down a threat source, 40% relied on network flow data that DDI provides, 39% used DNS queries, and 39% used outside threat intelligence services.
What I also found interesting is how each country diverged in the types of threats or vulnerabilities they were most concerned about in the next 12 months. Here are some examples that bring to life the fact that every region/country may face a common set of cyberthreats; they may differ in the order of importance:
- Data leakage – this was the #1 concern among almost all countries surveyed, with an outlier being the US, where ‘Ransomware’ made it to the #1 spot.
- Ransomware – this was the #2 concern among almost all countries surveyed, with an outlier being the US, where ‘Data leakage’ made it to the #2 spot.
- Attack via remote worker connections made it to #3 for almost all countries surveyed, with an outlier in the EMEA roll-up, where ‘Direct attack through cloud services made it to #3.
Another interesting find by comparing each region/country was with respect to where organizations identified the source of a breach. The following is another sample comparing some of these reports:
- Wi-Fi access point – this was the #1 source of breaches for almost all countries
- Cloud infrastructure or application – was the #2 source of breaches for almost all countries
43% of respondents pegged the cost of a breach to US$1 million or more.
There are many great examples of how organizations respond to the new workforce environment, with many similarities between regions and countries.