85% of CISOs Admit they Sacrificed Cybersecurity to Quickly Enable Employees to Work Remotely
New research from Netwrix, the data security vendor, reveals that 85% of CISOs said that they had sacrificed cybersecurity to quickly enable remote work. The finding is part of the company’s 2020 Cyber #Threats Report, which summarizes feedback from 937 IT professionals worldwide about the recent cyber threats they have faced and how quickly they were able to respond. Netwrix conducted this online survey in June 2020 to understand how the pandemic and ensuing work-from-home (WFH) initiatives changed the IT risk landscape.
The survey further revealed that every fourth organization feels that they are exposed to more risks than before the pandemic. Of them, 63% reported an increase in the frequency of cyberattacks and 60% found new security gaps as a result of the transition to remote work.
Other notable findings discovered by the survey include:
- 25% reported suffering a ransomware or other malware attack during the first three months of the pandemic; 47% were able to spot it in minutes.
- Though only 14% of organizations encountered data theft by employees, 66% are anxious about this scenario, compared to just over half pre-pandemic.
- Supply chain compromises took the longest to detect: 55% needed days, weeks or even months to flag these incidents.
- 54% of CISOs admit to lacking the visibility needed to ensure proper data protection.
- 66% of the IT professionals surveyed regularly report to their executive leadership on the state of cybersecurity. The most common measure used is incident statistics; less than a quarter of respondents calculate financial metrics for their security projects.
Steve Dickson, CEO of Netwrix, remarked, “The broad disruption to businesses and swift transition to WFH caused by the pandemic forced many organizations to prioritize service availability over security. Now that we are all more comfortable with the new normal, IT and security pros should re-examine their earlier decisions with the goal of closing security gaps. This requires identifying sensitive information and reducing its exposure, gaining visibility into user activity, and automating change and configuration auditing to ensure rapid incident detection.”
The report is available at https://www.netwrix.com/2020_cyber_threats_report.html