Research demonstrates enterprises must adapt to address telework security challenges

Published: Wednesday, 26 August 2020 08:09

Fortinet has published its 2020 Remote Workforce Cybersecurity Report, which investigates the cyber security challenges that organizations faced as a result of the dramatic shift to telework early in 2020 and the planned investments to secure remote work going forward.

The report is based on a survey conducted in June 2020. Participants were employed in 17 different countries, representing nearly all industries and the public sector.

The sudden shift to telework was challenging for most organizations

As the COVID-19 pandemic spread rapidly in the first half of 2020, many organizations were required to shift to telework practically overnight as teams around the globe were asked to stay home. Nearly two-thirds of the firms surveyed had to rapidly transition over half of their workforce to telework. In addition, most respondents said the rapid change presented a challenge to their organization, with 83 percent citing it as moderately, very, or extremely challenging. Only 3 percent were not at all challenged.

In addition, the evolving remote work environment, increased reliance on personal device usage, and overall influx of workers outside the corporate network opened an opportunity for unprecedented cyber threat activity. From opportunistic phishers to scheming nation-state actors, cyber adversaries found multiple ways to exploit the global pandemic for their benefit at enormous scale. Threats included phishing and business email compromise schemes, nation-state backed campaigns, and ransomware attacks. In fact, 60 percent of organizations revealed an increase in cyber security breach attempts during the transition to remote work, while 34 percent reported actual breaches in their networks.

With a spike in employees remotely connecting to the corporate network, an increase in breach attempts and overall cyber attacks, organizations cited the most challenging aspects of this transition as ensuring secure connections, business continuity, and access to business-critical applications.

At the time of the survey enterprises had already invested in key technologies as a result of the pandemic. Nearly half of organizations invested further in VPN and cloud security, while nearly 40 percent invested further in skilled IT professionals or network access control (NAC).

Almost all enterprises will invest more in secure telework

Given the number of attempted breaches and overall waves of cyber threats targeting remote workers, organizations need to carefully consider what technologies and approaches are needed to secure telework moving forward. Defensive strategies need to be adjusted to fully account for the extension of the network perimeter into the home.

Key points from the survey in this area include:

As of June this year, a long-term shift to telework was anticipated, with nearly 30 percent of organizations expecting more than half of their employees to continue working remotely full time after the pandemic.

Almost all organizations expect to invest more to secure telework long-term, with nearly 60 percent of enterprises spending more than $250,000 in secure telework investments in the next 24 months.

Moving forward, the majority of enterprises surveyed intend to make unplanned upgrades to their existing systems to secure telework. Many also plan to add new technologies not previously in place.

Only 40 percent of organizations had a business continuity plan in place prior to the pandemic. Yet, as a result of the pandemic and the rapid shift to remote work, 32 percent invested further in this area. While organizations have made improvements in securing their remote workforces since the beginning of the pandemic, survey data reveals several areas that could be considered opportunities for improving secure remote connectivity. These areas include:

Read the report (PDF)