Reports and research on the habits of organizations embracing remote or hybrid work continue to shed light on the inherent cybersecurity risks, including a recent Tenable study that found 74% of organizations attribute recent business-impacting cyberattacks to remote work tech vulnerabilities.
According to the report, conducted with Forrester, cloud services and apps, personal devices and remote access tools have essentially eliminated organizations’ security perimeters, resulting in more cyberattacks and compromise as IT managers struggle to manage the new technologies.
Now, 80% of security and business leaders say their organizations are more exposed to risk as a result of remote work, which the survey says was driven by three factors: a lack of visibility into remote employee home networks, the expansion of the software supply chain and migrating to the cloud.
According to the research, over half of remote workers use a personal device to access work data, and 71% of security leaders lack sufficient visibility into remote employee home networks, leading to a large portion of cyber attacks (67%) targeting remote employees.
Recent cyberattacks have also highlighted threat actors’ increased use of compromising third-party software providers or leveraging vulnerabilities in those products, and 65% of respondents to the survey link recent cyberattacks to those compromises.
Although the cloud is often viewed as being more secure than on-premises infrastructure, 80% of security and business leaders told Tenable that moving business-critical functions to the cloud elevated their risk, while 62% reported business-impacting attacks that involved cloud assets.
According to the survey, at least two-thirds of security leaders plan to increase cybersecurity investments over the next two years, with nearly 75% citing vulnerability management and cloud security as top priorities.
In a statement, Amit Yoran, CEO of Tenable, said remote and hybrid work aren’t going anywhere, so risks will continue to present themselves unless organizations adapt and secure their remote workforce.
“This study reveals two paths forward — one riddled with unmanaged risk and unrelenting cyberattacks and another that accelerates business productivity and operations in a secure way,” Yoran said. “CISOs and CEOs have the opportunity and responsibility to securely harness the power of technology and manage cyber risk for the new world of work.”