The impact of the hybrid workforce on security posture, as well as the risks introduced by this way of working, are posing concerns for CISOs and driving them to develop new strategies for hybrid work security, according to Red Access.
Among the report’s most critical findings is the revelation that browsing-based threats ranked as CISOs’ number one concern, regardless of whether their organization was operating primarily in an in-office, hybrid, or remote setting.
And as for the risks posed by hybrid and remote workers specifically, insecure browsing also topped the list of CISOs’ concerns.
The role of hybrid/remote work, and insecure browsing
Hybrid work is here to stay
63% of CISOs said they anticipate most employees at their organizations would work under a primarily hybrid or remote model in three years’ time.
Hybrid work hampers organizational security
72% of CISOs agree that the hybrid and remote workforce has a negative impact on their organization’s security posture.
Browsing-based threats are CISOs’ #1 concern
When asked to select the Top 3 most significant cyber threats to their organizations, “browsing threats” topped the list, with 43% ranking it as a top concern. CISOs also ranked “insecure browsing” as the #1 hybrid/remote work security concern that puts their organizations at the most risk.
Secure Web Gateway (SWG) & Remote Browser Isolation (RBI) Solutions come up short in protecting hybrid workers’ browsing
Rates of adoption of SWGs are significantly lower at organizations in which most employees would be working in a remote or hybrid environment in three years’ time (47%) than they are at organizations at which employees would be working primarily in-office (55%).
Hybrid security solutions must prioritize seamless user experience
73% of CISOs said that, when selecting a new security solution, it is either “extremely important” or “very important” that it enables a seamless end-user experience on any device.
“Now that web browsing permeates virtually everything we do at work, malicious actors are doing more to target this expanding attack surface; and it’s clear that CISOs have taken note. In light of this growing trend, it’s imperative that organizations go beyond legacy solutions and invest in technologies that are dedicated to protecting every employee’s browsing activity, no matter where it originates. Web browsing has become the operating layer on which hybrid and remote work run, and organizations ought to do as much as they possibly can to secure it,” Zvi concluded.