The evolving workplace in the new normal is predominantly hybrid environment: strong end-user devices, fast, stable broadband., collaborative tools, all underpinned by a layer of security.
While this trend towards remote and anytime, anywhere work contributes to strong efficiency gains for the enterprise, it has also contributed to weakening endpoints from a security perspective —from laptops and smartphones to Internet of Things (IoT) devices.
The spike in remote work due to COVID-19 has made defending endpoints more difficult – 84% of IT leaders say protecting a remote workforce is harder. One likely explanation is the 148% increase in ransomware attacks on global organizations amid the pandemic outbreak.
Bad actors have begun targeting endpoints, with not just ransomware and increasingly sophisticated malware attacks, but with “file-less” attacks that cannot be detected by traditional anti-virus technologies. As such, enterprises across all sizes and sectors are facing increasing risks and threat vectors, with mounting financial costs.
Consider this. There has been a threefold increase in cyber security incidents.
As per a recent Ponemon Institute Report, remote working and digital transformation due to the COVID-19 pandemic increased the average total cost of a data breach. Asia was the most attacked region in the year, taking on 26% of all cyberattacks globally. The average cost was $1.07Mn higher in breaches where remote work was a factor in causing the breach, compared to those where remote work was not a factor.
The average total cost of a data breach increased by nearly 10% YoY, the largest single year cost increase in the last seven years. Data breach costs rose from $3.86Mn to $4.24Mn.
Ransomware attacks cost an average of $4.62Mn, more expensive than the average data breach ($4.24 million). These costs included escalation, notification, lost business and response costs, but did not include the cost of the ransom. Malicious attacks that destroyed data in destructive wiper-style attacks cost an average of $4.69Mn. The percentage of companies where ransomware was a factor in the breach was 7.8%.
There have been increases in threat incident types, such as unauthorized access (27%), web compromise (7%) and malware (5%).
With over reliance on smartphones, laptops, notebooks, and cloud-based apps—there are endless entry points for threats. With the evolution of the cyber threat landscape, the traditional endpoint security technologies are unable to keep up. Too often, these tools are not optimally configured—or are misconfigured entirely. All of this means that, without a robust endpoint detection and response solution, it is tough to protect systems and data.
Endpoint security suffers from poor protocols, processes, and practices. In a work-from-home context, with employees using multiple devices at once and suffering from attention deficit, there is reduced caution when it comes to clicking on potentially suspicious links.
Alongside, hybrid work environments also translate to anytime, anywhere work. This translates to risks emanating from unsecured networks, using personal laptops, smartphones and devices that are often unpatched and are prime targets for malware attacks.
Meet Ravinder Arora, Global Chief Information Security Officer, Infogain.
The notes below are from the Dell CIO Open Mic ‘Future of Work’ where I spoke with Ravinder Arora from Infogain on the emerging Cybersecurity paradigm, and lessons learnt in enabling new innovations in a remote-first environment, amongst others.
We spoke at length on the changing landscape of security, focus on endpoint security, and maintaining compliance to elevate the journey to workforce transformation.
Fairly early on, Ravinder and Infogain implemented a Zero Trust Network to counter the challenges of hybrid work environment. The focus was on implementing Cloud-based and end-point security solutions. Alongside, there has been a constant focus on developing employee awareness, and educating them constantly on good practices to follow at the new, anytime-anywhere workplace.
How is Dell Technologies enabling the modern workplace?
In the new normal, it is imperative to ensure great and personalized user experiences for their employees, for enterprises moving to, and aiming to succeed in a digital workplace. The goal of enhanced user experience is not just about increasing productivity. It is rather to ensure that great user experiences lead to further digital transformation, and adoption of new digital tools for collaboration and productivity.
- Providing the right devices, for an array of user cohorts, with built-in intelligence, security and privacy
- Enhance user productivity with a layer of software and services
- Accelerate modernization with automation, insights as well as enhanced user experiences in digital workplaces
In addition to the devices, Dell focuses on delivering solutions that enable secure and productive work from anywhere.
Reimagining the future of work is a formidable challenge. I believe organizations should aim at the following to prepare for the Hybrid Work era.
Based on recent experiences, our ability to respond to the unknown outlier events needs to be fast-paced. For the CIO, this translates to building more agility, flexibility, predictability and, most importantly, security in running the hybrid workplace with tech.
The workforce is getting transformed, enabling people to work and learn from anywhere. Irrespective of the organization size, or the shape that the digital workplace takes, the key CIO mandate is to ensure that the shift to a digital workplace is consistent, cost-effective, efficient and secure.
The CIO at the Centre
As we move ahead, we can be certain of more such black swan events. These will accelerate the pace of change, and pose challenges for the CIO.
This is where the future digital-ready CIO is one who leverages technology, and is able to equip and transform their organizations digitally. In adopting a digital-first approach, such CIOs are able to reimagine their organizations, differentiate with technology, and are insulated from external black swan events.