More than a year into the Covid-19 pandemic, security teams are still sailing blind when it comes to protecting their organisations, according to VMware Carbon Black’s Global Security Insights report: the sheer volume of remote working has created a highly unpredictable attack surface, which presents an opportunity to start to think and act differently.
A total of 80% of the 3,542 CIOs, CTOs and CISOs who responded to the VMware study said attack volumes have increased in the past year and identified a clear link back to remote-working employees, highlighting both vulnerabilities in legacy security technology and postures, and the risks inherent in fast-tracking digital transformation and innovation in a crisis.
Reflecting this acceleration, the study found that the majority of attacks experienced in the past year were cloud-based, and looking ahead, cloud-first security strategies are now essentially a universal must-have for CISOs, with 98% already using or planning to adopt one. Also, 61% agreed that because cloud had expanded the threat surface, they needed to view security differently, and 43% said they were planning to build more security into their infrastructure and apps, and cut down on the number of point solutions they run.
“The race to adopt cloud technology since the start of the pandemic has created a once-in-a-generation chance for business leaders to rethink their approach to cyber security,” said Rick McElroy, VMware principal cyber security strategist.
“Legacy security systems are no longer sufficient. Organisations need protection that extends beyond endpoints to workloads to better secure data and applications. As attacker sophistication and security threats become more prevalent, we must empower defenders to detect and stop attacks, as well as implement security stacks built for a cloud-first world.”
The top concerns for CISOs identified in the report were applications and workloads, together viewed as the most vulnerable points on the “data journey”. A total of 63% of respondents felt they needed more visibility over data and apps to pre-empt cyber attacks, and 60% said their leadership team feared bringing new apps to market because of the threat and resulting damage from cyber attacks.
Fears of this kind were also found to be holding back adoption of artificial intelligence (AI) in the enterprise, which 56% of respondents said they were concerned about for similar reasons.
More worryingly, VMware found evidence of a troubling lack of urgency around cyber response, despite a surge in material breaches. Four out of five breaches in the past 12 months were considered material and yet security teams appear to be underestimating their likelihood – only 56% said they feared falling victim to one, and just 41% had updated security policies and approaches to mitigate the risk.
VMware said it was clear from the report that the ongoing pandemic had forced security transformation, and that this transformation was not over yet. Key focus areas for security teams heading towards 2022 must include more endpoint and workload monitoring and visibility, a coherent response to the uptick in ransomware attacks, delivering security as a distributed service, and adopting more intrinsic approaches to cloud security.