(Photo: Shutterstock)

CEOs and C-suite teams have a smorgasbord of worries to keepthem awake at night, just like many of their HR department andother employees — and most of them are COVID-19 related. Only C-suite fears are scaleddifferently. One fear they have that most of us likely do not, isthat of the company becoming the next notorious cybersecurity breach.

That's according to a new report from global cybersecurity firmForcepoint. Its survey of 200 CEOs and CISOs(chief information security officers) from across such industriesas finance, retail, and health care, found that 76% of executivesare afraid of a security breach. And this is despite the fact that87% believe their security team can actually anticipate threats.

The study also found that only 46% of leaders regularly reviewtheir cybersecurity strategies. That may change, given the elevatedthreat level security experts are seeing, especially aroundCOVID-19 computer scams aimed at getting employees to trustinglygive up their security credentials and give attackers access theyneed to steal identities, drain accounts, and hold organizationsand their computer systems hostage for ransom.

The forced move to remote work, conducted in the span of justweeks, has opened many organizations up to the uncertainties ofcybersecurity preparedness, something they could more easily takefor granted when their workforce was concentrated inemployer-controlled surroundings. A recent survey by securitysolution provider Barracuda found that 55% of organization headssaid they would not have implemented remote working within the next5 years, had it not been for the COVID-19 lockdown. Which could bewhy 51% of business decisionmakers agreed that their workforce isnot properly trained in the cyber risks associated with long-termremote working.

And it found that 46% of global businesses have encountered atleast one cybersecurity scare since shifting to a remote workingmodel during the COVID-19 pandemic.

But don't necessarily blame workers. According to the survey,50% of organizations during this time of chaos and uncertainty havelet employees use personal email address and personal devices toconduct company work. It's an easy trap to fall into, perhaps — forexample, if someone's laptop sent from corporate to their home wasdelayed, so the employee was given permission to use a personaldevice until the laptop came the next day.

And in the need to cut costs during the economic crisis causedby the pandemic lockdown, employers have sometimes chosen whatseemed to be the lesser of all evils — cutting IT and securitybudgets to save money. Barracuda found that 40% of respondents havecut their cybersecurity budgets as part of COVID-19 crisismanagement.

But it's a choice that may prove costly. "When cybersecurity isdeprioritized or neglected by businesses, hackers can targetuntrained, susceptible remote workers with increasinglysophisticated and incredibly realistic email phishing attacks,"wrote Barracuda Chief Technology Officer Fleming Shi in a blog postdiscussing the survey findings.

We'll talk about phishing in a future article. But for now, beclear about one thing: Organizations must find a way to effectivelyplan for, budget for, and implement cybersecurity. At the least sothey can ensure their CEOs can sleep at night. But seriously, theneed for cybersecurity won't go away, nor will remote work. Infact, one of the lasting effects of the coronavirus pandemic willbe the increase in remote work. According to a survey by Gartner, 74% of companies plan to move at least5% of their previously on-site workforce to permanently remotepositions post-COVID 19.

"This data is an example of the lasting impact the currentcoronavirus crisis will have on the way companies do business,"said Alexander Bant, practice vice president, research for theGartner Finance Practice. "CFOs, already under pressure to tightlymanage costs, clearly sense an opportunity to realize the costbenefits of a remote workforce. In fact, nearly a quarter ofrespondents said they will move at least 20% of their on-siteemployees to permanent remote positions."

"Companies leading on the cybersecurity front today arerealistic about the risks they face and are prepared to prioritizesecurity to protect the lifeblood of their business – which iscustomer data and organizational IP," said Nicolas Fischbach,Global CTO of Forcepoint. " And with today's new way of working,getting this right within a remote work reality has never been morecritical."

READ MORE:

• Report: Executives likely to be targeted forcybercrime
• Employee emails and other causes of databreaches
• Nearly $100,000 stolen from participant in EsteeLauder 401(k) plan