Intelligent CIO North America Issue 25 - Page 68

INTELLIGENT BRANDS // Enterprise Security

1,100 IT pros spotlight the security hazards of hybrid work

California-based Anthony James , VP of Product Marketing at Infoblox , provides an insight into Infoblox ’ s survey into the global state of security , including the impact of remote workers .

Today ’ s cybersecurity challenges are not that much different than from past years , with one slight twist – the attack surface has dramatically shifted . The pandemic forced us to rethink our IT environment as most users had no choice but to work remotely , relying on their residential Internet services . This dramatic shift didn ’ t give us any time to plan connectivity or security .

The result is that every user ’ s device can become a potential threat . But this article is not another discussion about the perils of working from home ; it ’ s about understanding how this new paradigm affects the security thought process and what organizations have experienced concerning their security posture based on this new normal .
We recently commissioned a survey to understand the global state of security , including the impact of remote workers . It was completed with over 1,100 IT and cybersecurity decision-makers and influencer participants , covering 11 countries .
The participants also shed some insight into current threats and anticipated investments designed to prevent ransomware and other serious security concerns .
Unsurprisingly , the report highlights that moving to a remote work environment contributed to an increase in security incidents , including data loss , ransomware and attacks via cloud services . The result of the survey is a summary of all respondents , as well as multiple regional / countryspecific reports .
Anthony James , VP of Product Marketing at Infoblox
If you take the time to read all of the reports , you will find a commonality of tools most organizations invested in . VPN took the lion ’ s share of investments in the past 12 months . However , DDI and DNS technologies are growing in popularity . 41 % deployed cloud-managed DDI ( DNS , DHCP and IP management ) servers as security controls . When hunting down a threat source , 40 % relied on network flow data that DDI provides , 39 % used DNS queries , and 39 % used outside threat intelligence services .
What I also found interesting is how each country diverged in the types of threats or vulnerabilities they were most concerned about in the next 12 months .
Here are some examples that bring to life the fact that every region / country may face a common set of cyberthreats ; they may differ in the order of importance :
• Data leakage – this was the # 1 concern among almost all countries surveyed , with an outlier being the US , where ‘ Ransomware ’ made it to the # 1 spot .
• Ransomware – this was the # 2 concern among almost all countries surveyed , with an outlier being the US , where ‘ Data leakage ’ made it to the # 2 spot .
• Attack via remote worker connections made it to # 3 for almost all countries surveyed , with an outlier in the EMEA rollup , where ‘ Direct attack through cloud services made it to # 3 .
Another interesting find by comparing each region / country was with respect to where organizations identified the source of a breach . The following is another sample comparing some of these reports :
• Wi-Fi access point – this was the # 1 source of breaches for almost all countries .
• Cloud infrastructure or application – was the # 2 source of breaches for almost all countries .
43 % of respondents pegged the cost of a breach to US $ 1 million or more .
There are many great examples of how organizations respond to the new workforce environment , with many similarities between regions and countries . p
68 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com