Cybersecurity concerns higher than before the pandemic - report
Intelligent identity and access security company BeyondTrust has released a survey showing Australian organisations are more concerned about cyberattacks than they were before the COVID-19 pandemic.
The survey of respondents polled at the recent AusCERT conference on the Gold Coast and the Australian Information Security Association Cybercon Connect in Sydney found that 82% of organisations have heightened security concerns due to the ongoing prevalence of remote working.
BeyondTrust says organisations recognise it is significantly more challenging to protect staff and resources when operating outside the firewall and connecting over the public internet.
BeyondTrust director of solutions engineering for the Asia Pacific and Japan Scott Hesford says these concerns are understandable as organisations were forced to make significant changes to their mode of operation in a very short space of time.
“Even now, more than two years after the initial lockdowns, many feel they still have much more work to do to ensure they are protected against cyberattacks,” he says.
When asked what specific security challenges they were currently facing, 89% of respondents nominated securing remote workforces. Additionally, 82% of respondents nominated implementing a Zero Trust strategy.
“While Zero Trust is seen as an effective way to protect both remote users and IT resources, it is a challenging strategy to adopt,” says Hesford.
“Many organisations understand the benefits such a strategy can deliver but are still struggling to achieve them.
BeyondTrust says it is not just employees working remotely, with 55% of organisations allowing third-party vendors to access their internal networks remotely. Of most concern is that two-thirds of those organisations provide VPN access for those remote third parties.
“Properly securing any VPN access is challenge for most organisations. We have seen a number of breaches over the last few years where VPN access has been leveraged by attackers to infiltrate corporate networks,” says Hesford.
“Dedicated secure remote access solutions are far easier to manage and provide the audit trail and granular security required by frameworks such as zero trust, whether for IT or OT (operational technology).
Encouragingly, the survey found that a majority of respondents believed that their cybersecurity budgets would increase in the coming year, with 61% of respondents indicating that spending will rise.
“This news is welcome as it shows that most organisations understand the importance of having robust security measures in place. With the threat landscape constantly changing, it is vital to deploy and manage a portfolio of security tools and services that deliver complete protection,” says Hesford.
He says Australian organisations will continue to face cybersecurity threats and challenges in the coming years, and IT security must remain a top priority for both spending and action.