(Photo: Shutterstock)
CEOs and C-suite teams have a smorgasbord of worries to keep them awake at night, just like many of their HR department and other employees — and most of them are COVID-19 related. Only C-suite fears are scaled differently. One fear they have that most of us likely do not, is that of the company becoming the next notorious cybersecurity breach.
That's according to a new report from global cybersecurity firm Forcepoint. Its survey of 200 CEOs and CISOs (chief information security officers) from across such industries as finance, retail, and health care, found that 76% of executives are afraid of a security breach. And this is despite the fact that 87% believe their security team can actually anticipate threats.
The study also found that only 46% of leaders regularly review their cybersecurity strategies. That may change, given the elevated threat level security experts are seeing, especially around COVID-19 computer scams aimed at getting employees to trustingly give up their security credentials and give attackers access they need to steal identities, drain accounts, and hold organizations and their computer systems hostage for ransom.
The forced move to remote work, conducted in the span of just weeks, has opened many organizations up to the uncertainties of cybersecurity preparedness, something they could more easily take for granted when their workforce was concentrated in employer-controlled surroundings. A recent survey by security solution provider Barracuda found that 55% of organization heads said they would not have implemented remote working within the next 5 years, had it not been for the COVID-19 lockdown. Which could be why 51% of business decisionmakers agreed that their workforce is not properly trained in the cyber risks associated with long-term remote working.
And it found that 46% of global businesses have encountered at least one cybersecurity scare since shifting to a remote working model during the COVID-19 pandemic.
But don't necessarily blame workers. According to the survey, 50% of organizations during this time of chaos and uncertainty have let employees use personal email address and personal devices to conduct company work. It's an easy trap to fall into, perhaps — for example, if someone's laptop sent from corporate to their home was delayed, so the employee was given permission to use a personal device until the laptop came the next day.
And in the need to cut costs during the economic crisis caused by the pandemic lockdown, employers have sometimes chosen what seemed to be the lesser of all evils — cutting IT and security budgets to save money. Barracuda found that 40% of respondents have cut their cybersecurity budgets as part of COVID-19 crisis management.
But it's a choice that may prove costly. "When cybersecurity is deprioritized or neglected by businesses, hackers can target untrained, susceptible remote workers with increasingly sophisticated and incredibly realistic email phishing attacks," wrote Barracuda Chief Technology Officer Fleming Shi in a blog post discussing the survey findings.
We'll talk about phishing in a future article. But for now, be clear about one thing: Organizations must find a way to effectively plan for, budget for, and implement cybersecurity. At the least so they can ensure their CEOs can sleep at night. But seriously, the need for cybersecurity won't go away, nor will remote work. In fact, one of the lasting effects of the coronavirus pandemic will be the increase in remote work. According to a survey by Gartner, 74% of companies plan to move at least 5% of their previously on-site workforce to permanently remote positions post-COVID 19.
"This data is an example of the lasting impact the current coronavirus crisis will have on the way companies do business," said Alexander Bant, practice vice president, research for the Gartner Finance Practice. "CFOs, already under pressure to tightly manage costs, clearly sense an opportunity to realize the cost benefits of a remote workforce. In fact, nearly a quarter of respondents said they will move at least 20% of their on-site employees to permanent remote positions."
"Companies leading on the cybersecurity front today are realistic about the risks they face and are prepared to prioritize security to protect the lifeblood of their business – which is customer data and organizational IP," said Nicolas Fischbach, Global CTO of Forcepoint. " And with today's new way of working, getting this right within a remote work reality has never been more critical."
Complete your profile to continue reading and get FREE access to BenefitsPRO, part of your ALM digital membership.
Your access to unlimited BenefitsPRO content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking benefits news and analysis, on-site and via our newsletters and custom alerts
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the property casualty insurance and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
