Editorial

Firms facing new pandemic security challenges

New research by Tanium shows organisations’ IT security challenges have become more complex since the pandemic started

Posted 1 March 2021 by Christine Horton


Seven out of 10 UK and US organisations report facing new security challenges because of the pandemic – although only a third consider cybersecurity a top priority for 2021.

That’s according to new research released today by cybersecurity firm, Tanium.

More than half (52 percent) of IT decision makers (ITDMs) said their IT security challenges have become more complex since the pandemic started. They are observing several risky behaviours from employees amid the shift to remote work, such as storing sensitive data (41 percent), clicking on phishing emails (38 percent) and inappropriate admin access (37 percent).

 “Our distributed workforce means the end of the network perimeter as we know it and the rise of the endpoint,” said Chris Hodson, global CISO of Tanium. “But managing and securing endpoints requires visibility and control. You can’t secure what you can’t see. As the research reveals, it is critical that IT teams continue to invest in solutions that break down data silos and enable automation to ensure manageability, security and insight for their endpoints.”

Enterprises were reportedly overly confident in their security posture pre-COVID.Eighty-eight percent of companies reported that before the pandemic they felt some level of confidence in their ability to support remote work. Yet, when forced to go remote, only 39 percent of organisations found it easy to shift employees.

Despite this, only 33 percent considered “improving cybersecurity” as one of their top three IT initiatives for 2021.

Since the pandemic, ITDMs have observed risky behaviour from employees ranging from storing sensitive data (41 percent) to clicking on phishing emails (38 percent) to inappropriate admin access (37 percent). It’s not surprising to see risky behaviours around the use of Shadow IT/unsanctioned apps (35 percent), chat or conference apps (31 percent) and third-party file shares (31 percent) as employees try to be productive while working remotely. 

Since the pandemic began, 30 percent of respondents have observed their end users “not updating software.”

Investments

However,underlining the criticality of cloud in maintaining business continuity after remote work was introduced, 66 percent of companies accelerated their planned investments in cloud infrastructure. However, the cloud isn’t being adopted at the same rate in different regions. Forty percent of US IT decision-makers believe their company is well ahead of other companies in adopting new technologies such as cloud services, compared to only 24 percent of UK IT decision-makers who feel the same way.

The pandemic has also shifted investment priorities. After cloud infrastructure, organisations also prioritised investments in data and information security (63 percent), threat detection (60 percent), security/compliance software and services (59 percent), and device management (50 percent). The vast majority of ITDMs cite the pandemic as a key reason for the changes in budgeting priorities. 

IT is facing new security and operational challenges with increased complexity. Seventy-three percent of respondents say they face new IT security challenges, and 52 percent noted these challenges have become more complex since the pandemic started. Operations teams are also under pressure with 69 percent of respondents saying they face new IT operations challenges and 56 percent noting these challenges have become more complex. 

Additionally, Zero Trust, authentication and device management rise as the perimeter falls. Compared to their plans before the pandemic, 38 percent of businesses accelerated investments in technology that supports a Zero Trust architecture. Additionally, 55 percent accelerated identity and access management investments, and 51 percent accelerated investment in secure adaptive access. This comes at a time when visibility and management across newly distributed workforces is crucial. Accelerated investments in device management (50 percent), software management (49 percent) and compliance management software/services (48 percent) also reveal a need for a unifying platform to identify, inventory and manage endpoints.