The emergence of the everywhere enterprise has shifted the Chief Information Security Officer’s (CISO) priorities away from combating network security threats and towards mitigating mobile security risks, Ivanti reveals. 87% CISOs surveyed agreed that mobile devices have become the focal point of their cybersecurity strategies, and 80% CISOs stated that passwords are no longer an effective means of protecting enterprise data, as hackers are increasingly targeting remote workers and mobile devices.
Remote work has accelerated the demise of the traditional network perimeter
The study, which polled 400 CISOs across EMEA, found 82% of respondents agree that remote work has accelerated the demise of the traditional network perimeter, and has subsequently given rise to a host of new IT security challenges. Today, the main challenges that CISOs face involve ensuring only trusted users, devices, networks, and apps can access company data:
• 45% of respondents cited employees leveraging unsecured Wi-Fi to access business resources as a top IT security challenge during the pandemic.
• 40% of CISOs cited employees using their own devices to access corporate data as a top IT security challenge.
• 33% cited employees using unauthorized apps to access corporate data as a top IT security challenge.
93% of CISOs stated that they had effective solutions in place to enable the unexpected shift to remote work at the start of the pandemic, 92% also stated they need additional IT security measures to better enable remote workers and address the new mobile threat landscape.
Mitigating mobile security risks
Looking ahead, 64% of CISOs plan to invest in mobile threat detection software. And 58% noted that enhancing user experiences, improving authentication to remote applications (57%), and moving critical business applications to the cloud (52%) will be top priorities this year.
“The pandemic has acted as a catalyst for CISOs to ensure that working from anywhere, on any device, is just as safe as working from the office, on a corporate-owned laptop,” said Nigel Seddon, VP of EMEA West at Ivanti. “The emergence of the everywhere enterprise – where IT infrastructures are everywhere, and distributed employees need access to corporate data everywhere – has dramatically changed the role of the CISO and put mobile device security firmly under the spotlight. CISOs must now place greater emphasis on enabling, securing, and optimizing mobile work environments.
“Every CISO should urgently adopt a zero trust security strategy to ensure only trusted users can access corporate data and invest in automation technologies that can discover, manage, secure and service all endpoints, devices, and data in the enterprise. They must assume their corporate networks have already been compromised and leverage technologies that can proactively detect threats, and self-heal and self-secure devices.
“To further reduce the attack surface, CISOs should eliminate passwords in favour of passwordless authentication. In doing so, they will also ensure that remote workers enjoy a seamless and secure user experience.”
