Ever since the pandemic began, organizations globally encountered drastic changes in their business operations. The swift adoption of remote working significantly impacted the role of Chief Information Security Officers (CISOs) and other security leaders, making it difficult to deal with new cybersecurity challenges and combat/mitigate security threats.
Security leaders globally have changed their cybersecurity strategies according to the changing attack vectors. A recent survey from cybersecurity firm Ivanti revealed that remote working culture has shifted CISO priorities in handling cybersecurity matters. The study revealed that 88% of CISOs admitted that remote work has accelerated the demise of the traditional network perimeter and has subsequently given rise to a host of new IT security challenges. And around 90% of CISOs stated that mobile devices have become the focal point of their cybersecurity strategies.
The study surveyed over 400 CISOs across Europe, the Middle East and Africa (EMEA) and 80 CISOs in Australia.
- Over 80% of CISOs opined that passwords are no longer an effective means of protecting enterprise data.
- Over half (58%) of respondents cited employees leveraging unsecured Wi-Fi to access business resources as a top IT security challenge during the pandemic.
- Nearly 46% cited mobile phishing attacks as a top IT security challenge.
- Over two-fifths, (44%) of CISOs cited employees using their own devices to access corporate data as a top IT security challenge.
- Over 83% of respondents expect their IT security budgets to increase over the next 12 months to better enable remote workers.
- Around 64% of CISOs plan to invest in mobile threat detection software. And 58% noted that enhancing user experiences, improving authentication to remote applications (57%), and moving critical business applications to the cloud (52%) will be top priorities this year.
- The average IT security budget for an Australian CISO last year was over $6 million.
- When pressed on the specific software solutions they plan to invest in during the next year, unified endpoint management (UEM) and biometric authentication solutions came out on top.
- Despite CISOs indicating that almost half (49%) of their overall security budget was spent on UEM software in the last year, 86% said they expect investment to increase over the next year in specialized UEM software.
- Over 78% of CISOs expect that their organization’s reliance on biometric authentication to enable remote access to business data would increase.
“With remote working now firmly established as standard practice across many ANZ industries, it is critical that CISOs ensure, long-term that working from anywhere and on any device is just as safe as doing so from the office, on a corporate-owned laptop. IT infrastructures are dispersed and employees need access to corporate data anywhere, at any time. The rise of the Everywhere Workplace has dramatically changed the role of the CISO, with a firm focus now placed on enabling, securing, and optimizing mobile work environments,” said Matthew Lowe, Area Vice President ANZ Ivanti.
“The pandemic has acted as a catalyst for CISOs to ensure that working from anywhere, on any device, is just as safe as working from the office, on a corporate-owned laptop. The emergence of the everywhere enterprise – where IT infrastructures are everywhere, and distributed employees need access to corporate data everywhere – has dramatically changed the role of the CISO and put mobile device security firmly under the spotlight. CISOs must now place greater emphasis on enabling, securing, and optimizing mobile work environments,” said Nigel Seddon, VP of EMEA West at Ivanti.
Most CISOs Unprepared to Handle Cyberattacks
Similar research from Proofpoint revealed that 2020 elevated the CISO role and the expectations from the businesses. The survey 2021 Voice of the CISO report stated that 66% of CISOs feel their organization is unprepared to handle a cyberattack and 58% consider human error to be their biggest cyber vulnerability.