One of the most significant shifts the pandemic brought to the corporate world was the rise of the work-from-home (WFH) or the hybrid working model. The concept of working remotely has gathered much support in the past two years. Last month, the Ministry of Commerce in India also introduced a new rule which would allow employees of Special Economic Zones (SEZs) to work remotely for one year.
While the WFH and hybrid models have drawn an array of reactions, both good and bad from the public, they have also severely impacted the cybersecurity of many organizations. The fifth annual Mobile Security Index (MSI) by Verizon Business, released earlier this week, explains how. The Mobile Security Index provides unique insights into the current mobile threat landscape and what organizations are, or in many cases aren’t, doing to protect their data and key systems
Also read: Forget WFH. Work near home is the way forward
The pandemic has caused companies to be more reliant on mobile devices. 58% of organizations said that their users were using more mobile devices than 12 months ago and 53% of mobile devices now had access to sensitive data. 79% of respondents said that the recent change in working structures had affected their company's cybersecurity and 45% of the companies surveyed agreed that their cybersecurity had been compromised.
“For businesses–regardless of industry, size, or location on a map–downtime is money lost. Compromised data is trust lost, and those moments, although not insurmountable, are tough to rebound from,” Sampath Sowmyanarayan, CEO of Verizon Business, said in a news release.
The Verizon Mobile Security Index 2022 findings were based on an independent survey of 632 professionals responsible for security strategy, policy, and management. They also do the buying, managing, and security of mobile and Internet of Things (IoT) devices for their companies.
Security spending: 77% of respondents said that their security spending had increased in the preceding year. And while security spending is increasing, so is the severity of threats – 73% of the attacks were described as major attacks, as compared to less than 50% last year.
Acceptable use policies: 48% of respondents said that their companies did not have acceptable use policies in place; 51% of organizations do not give their employees security training when their working arrangements change and 68% of organizations have no policies against the use of public WiFi.
Human element: Users are one the biggest threats to the cybersecurity of organizations, the findings reveal. Over 82% of the breaches analysed had a human element – the role of people. According to the Federal Bureau of Investigation (FBI), Business Email Compromise (BEC) schemes (similar to phishing) in the US resulted in an estimated loss of nearly $2.4 billion.
However, companies and respondents alike, continue to remain optimistic about the future of cybersecurity. 64% of respondents agreed that public awareness of cybersecurity risks will increase in the future. Apart from awareness, experts suggest corporations use all the tools they're paying for to ensure the data of the organization isn't compromised.
Also read: Why cybersecurity can no longer be just a hygiene factor