How has the pandemic changed CISO priorities?
The world recently passed the one-year anniversary of the COVID-19 pandemic. Even with vaccines rolling out across the world, global lockdowns and travel restrictions continue unabated. The impact continues to be felt in every kind of business and organization, as workers either continue to work from home or adhere to strict health protocols to minimize transmission of the virus in the workplace.
And unfortunately, hackers continue to take advantage of the security gaps in this “everywhere workplace” — in which IT infrastructures are everywhere, and distributed employees need access to corporate data wherever they work, on any device. Cybercriminals fully understand that more employees are working from home on loosely secured mobile devices and easily hackable Wi-Fi networks, and launching attacks aimed at them. For instance, SMS phishing attacks increased by a staggering 29% between March and July 2020 alone.
Is it possible to tame the mobile threat landscape?
Enterprise organizations are more vulnerable to these attacks because the threat landscape has expanded exponentially with the massive shift to remote work over the past year. Today, there’s virtually nothing left of the traditional enterprise security perimeter because now everyone and everything that accesses business resources lies beyond it. As a result, CISOs face the unprecedented challenge of retooling their security strategies to protect enterprise data across all the devices, applications, and networks that employees are using to work from home, while also delivering a seamless end user experience.
To better understand how enterprise security strategies have shifted, Ivanti commissioned independent market research agency Vanson Bourne to conduct a study examining how CISOs across EMEA have responded to the new remote work environment.
CISOs need to regain control and visibility across the “everywhere workplace”
The survey revealed that, above all, CISOs are generally concerned about the lack of visibility and control over the remote work environment, which includes all of the home networks, personal devices, unmanaged apps, and personal clouds that employees use to access business apps and data. This environment is highly vulnerable to mobile threats, including phishing attacks that can harvest employee login credentials to gain access to business resources.
It’s clear that the “everywhere workplace” isn’t going away any time soon, if ever. In fact, a recent Gartner survey found that 80% of company leaders around the world plan to let employees work remotely from now on, either full-or part-time. As a result, security leaders have already started to shift their security strategies to confront the mobile threat landscape. For example:
- IT security budgets are expected to increase this year, and many CISOs plan to spend a large portion of that on comprehensive mobile security solutions including UEM.
- Almost two-thirds of survey respondents said that eliminating password-based logins and moving to multifactor authentication will be a major priority — partly to improve security and also to deliver a better user experience.
- The user experience is highly important to CISOs today, because if employees face too many security barriers, they will go around corporate protocols to gain access to the resources they need for work.
Read the full report to find out how CISOs are shifting their mobile security priorities to prepare for the challenges ahead.