The emergence of the everywhere workplace has shifted the priorities of chief information security officers (CISO) away from combating network security threats and towards mitigating mobile security risks, according to a research by Ivanti, an automation platform.
The study, which polled 80 CISOs in Australia, revealed almost nine in ten (88%) of CISOs agree that remote work has accelerated the demise of the traditional network perimeter, and has subsequently given rise to a host of new IT security challenges. The study also disclosed that a similar number (90%) agreed that mobile devices have become the focal point of their cybersecurity strategies.
“With remote working now firmly established as standard practice across many ANZ industries, it is critical that CISOs ensure, long term, that working from anywhere and on any device is just as safe as doing so from the office, on a corporate-owned laptop,” notes Matthew Lowe, Ivanti area vice president ANZ. “IT infrastructures are dispersed, and employees need access to corporate data anywhere, at any time. The rise of the everywhere workplace has dramatically changed the role of the CISO, with a firm focus now placed on enabling, securing, and optimising mobile work environments.”
|
The study highlighted the challenges CISOs face today, involving trusted users, devices, networks, and apps that can access company data:
• Over half (58%) of respondents cited employees leveraging unsecured Wi-Fi to access business resources as a top IT security challenge during the pandemic
• Almost half (46%) cited mobile phishing attacks as a top IT security challenge
• Over two-fifths (44%) of CISOs cited employees using their own devices to access corporate data as a top IT security challenge
To address these challenges and to let employees perform better, 83% of respondents expect their IT security budgets to increase over the next 12 months. Based on Ivanti’s research, the average IT security budget for an Australian CISO last year was over $6 million. When asked on the specific software solutions they plan to invest in during the next year, unified endpoint management (UEM) and biometric authentication solutions came out on top.
Despite CISOs indicating that almost half (49%) of their overall security budget was spent on UEM software in the last year, four in five (86%) expected investment increase over the next year in specialised UEM software. The Ivanti study says this investment is primarily to manage and secure the mass influx of devices accessing corporate resources as employees work from anywhere.
Over three quarters (78%) of CISOs expect that their organisation’s reliance on biometric authentication to enable remote access to business data would jump, and a similar number (79%) said investments into specialised biometric authentication solutions will grow. The heightened focus on biometric authentication is likely due to the growth in phishing attacks.
Almost two-thirds (64%) of CISOs plan to invest in mobile threat detection software. And more than half (58%) noted that their top priorities next year will be enhancing user experiences, improving authentication to remote applications (57%), and moving critical business applications to the cloud (52%).
Lowe concluded: “Urgently adopting a zero trust security strategy to ensure only trusted users can access corporate data should be mission critical. Assuming networks have already been compromised, leveraging automation technologies that proactively detect threats, and self-heal and self-secure devices, and eliminating passwords in favour of biometric authentication measures are all ways CISOs can better provide a seamless yet secure experience for their everywhere workforce.”