Hybrid work taking a toll on security posture

Hybrid work taking a toll on security posture – report

Thu, 13th Apr 2023

FYI, this story is more than a year old

Red Access has published its inaugural 2023 State of Hybrid Work and Browsing Security Survey Report, a report that sheds light on the challenges faced by CISOs in today's age of hybrid work.

The report's primary points of interest include the impact of the hybrid workforce on security posture, the new risks this way of work introduces, as well as modern CISOs' chief concerns and strategies for hybrid work security moving forward.

The report is based on the survey responses of 300 chief information security officers (CISOs) from the U.S. (200) and U.K. (100), hailing from companies of 5,000 or more employees, and representing a wide variety of verticals.

Among the report's most critical findings is the revelation that browsing-based threats ranked as CISOs' number one concern, regardless of whether their organisation was operating primarily in an in-office, hybrid, or remote setting. And as for the risks posed by hybrid and remote workers specifically, insecure browsing also topped the list of CISOs concerns.

The report goes on to reveal a number of other key findings around the role of hybrid and remote work, and their impact on organisational security, including:

Hybrid Work is Here to Stay: Nearly two-thirds (63%) of CISOs said they anticipate most employees at their organizations would work under a primarily hybrid or remote model in three years time.

Hybrid Work Hampers Organisational Security: 72% of CISOs agree that the hybrid and remote workforce has a negative impact on their organisations security posture.

Browsing-Based Threats are CISOs #1 Concern: When asked to select the Top 3 most significant cyber threats to their organisations, Browsing Threats topped the list, with nearly half (43%) ranking it as a top concern. CISOs also ranked insecure browsing as the #1 hybrid/remote work security concern that puts their organizations at the most risk.

Secure Web Gateway (SWG) & Remote Browser Isolation (RBI) Solutions Come Up Short in Protecting Hybrid Workers Browsing: Rates of adoption of SWGs are significantly lower at organisations in which most employees would be working in a remote or hybrid environment in three years time (47%) than they are at organisations at which employees would be working primarily in-office (55%).

Hybrid Security Solutions Must Prioritise Seamless User Experience: 73% of CISOs said that, when selecting a new security solution, it is either extremely important or very important that it enables a seamless end-user experience on any device.

"The results of this study leave little doubt as to whats on the minds of todays top cybersecurity decision makers," says Dor Zvi, co-founder and CEO at Red Access.

"Now that web browsing permeates virtually everything we do at work, malicious actors are doing more to target this expanding attack surface; and its clear that CISOs have taken note," he says.

"In light of this growing trend, its imperative that organisations go beyond legacy solutions and invest in technologies that are dedicated to protecting every employees browsing activity, no matter where it originates.

"Web browsing has become the operating layer on which hybrid and remote work run, and organisations ought to do as much as they possibly can to secure it."