The emergence of the Everywhere Workplace has shifted CISO priorities away from combating network security threats and towards mitigating mobile security risks.
Ivanti has released the results of an Australian survey, which revealed that the emergence of the Everywhere Workplace has shifted CISO priorities away from combating network security threats and towards mitigating mobile security risks.
The study, which polled 80 CISOs across Australia, revealed almost nine in ten (88%) of CISOs agree that remote work has accelerated the demise of the traditional network perimeter, and has subsequently given rise to a host of new IT security challenges. A similar number (90%) agreed that mobile devices have become the focal point of their cybersecurity strategies.
“With remote working now firmly established as standard practice across many ANZ industries, it is critical that CISOs ensure, long term, that working from anywhere and on any device is just as safe as doing so from the office, on a corporate-owned laptop,” said Matthew Lowe, Area Vice President ANZ Ivanti. “IT infrastructures are dispersed, and employees need access to corporate data anywhere, at any time. The rise of the Everywhere Workplace has dramatically changed the role of the CISO, with a firm focus now placed on enabling, securing, and optimising mobile work environments.”
The main challenges that CISOs face today involve ensuring only trusted users, devices, networks, and apps can access company data:
- Over half (58%) of respondents cited employees leveraging unsecured Wi-Fi to access business resources as a top IT security challenge during the pandemic
- Almost half (46%) cited mobile phishing attacks as a top IT security challenge
- Over two-fifths (44%) of CISOs cited employees using their own devices to access corporate data as a top IT security challenge
To address these challenges and better enable remote workers, 83% of respondents expect their IT security budgets to increase over the next 12 months and based on Ivanti’s research the average IT security budget for an Australian CISO last year was over $6 million. When pressed on the specific software solutions they plan to invest in during the next year, unified endpoint management (UEM) and biometric authentication solutions came out on top.
Despite CISOs indicating that almost half (49%) of their overall security budget was spent on UEM software in the last year, four in five (86%) said they expect investment to increase over the next year in specialised UEM software. This increase in investment is primarily to manage and secure the mass influx of devices accessing corporate resources as employees work from anywhere.
Over three quarters (78%) of CISOs expect that their organisation’s reliance on biometric authentication to enable remote access to business data would increase, and a similar number (79%) said investments into specialised biometric authentication solutions will increase—this heightened focus on biometric authentication is likely due to the significant growth in phishing attacks.
Almost two-thirds (64%) of CISOs plan to invest in mobile threat detection software. And more than half (58%) noted that enhancing user experiences, improving authentication to remote applications (57%), and moving critical business applications to the cloud (52%) will be top priorities this year.
Lowe continued: “Urgently adopting a zero trust security strategy to ensure only trusted users can access corporate data should be mission critical. Assuming networks have already been compromised, leveraging automation technologies that proactively detect threats, and self-heal and self-secure devices, and eliminating passwords in favour of biometric authentication measures are all ways CISOs can better provide a seamless yet secure experience for their everywhere workforce.”
To download a complimentary copy of the survey results, please visit here.
Methodology
Ivanti commissioned independent market research agency Vanson Bourne to conduct a study examining how CISOs across Australia have responded to the COVID-19 crisis and the new remote work environment. Between March and April 2021, 80 CISOs from large enterprise organisations in Australia were interviewed to better understand their evolving security strategies. Interviews were conducted online using a rigorous multi-level screening process to ensure that only suitable candidates were allowed to participate.