Risks and Riptides Survey – Summer’s Impact on Enterprise Security
Today’s security professionals are feeling the heat this summer – and for a good reason. They anticipate that cybercriminals will be working overtime, taking advantage of the fact that many employees are taking vacations and/or working remotely. Because of this, a surprisingly high amount of security professionals believe that their organizations are more at risk during the summer months compared to other times of the year, and are preparing to combat an onslaught of malware, ransomware, phishing, and BEC attacks while the rest of the company enjoys the beach.
Lastline conducted a summer security survey of 1,000 security professionals about employee behavior during the summer and how that impacts risk. The results highlight three key areas of impact on enterprise security: threat activity by cybercriminals, the increased exposure, and vulnerability of employees, and how security teams respond to keep their organizations protected.
Threat Activity – Criminals Are Increasing Attacks
While nearly half of respondents do not witness any seasonality to cyberattacks, of those who do, the majority (58%) see more threats in the summer than in other seasons.
Respondents report an increase in certain types of cyber-attacks throughout the summer, compared to other times of the year. Nearly a half of security professionals (47%) report seeing an increase in phishing attacks during the summer, which makes sense since cybercriminals may be relying on catching employees off guard, tricking them with spoofed emails while they’re not paying full attention. Additionally, 44% see an increase in malware, 26% see an increase in spear phishing/BEC, and 24% see an increase in ransomware.
Employees are easy targets, and criminals know that. It’s clear from this data that security teams must be ready for an increase of attacks during the summer, and must keep their workforce vigilant against popular attack vectors, such as phishing. Our recent blog post explains why phishing scams are so effective and offers some best practices for protecting against them – including encouraging employees to take an online training course to help them to identify suspicious emails. It’s also helpful for organizations to send test phishing emails to their workforce to keep them on their toes and provide public congratulations to those who successfully spot the emails as suspicious.
Increased Exposure and Vulnerability – And the Resulting Impact on Employees
While not all employees work remotely or while on vacation, many do. Nearly 20 percent of respondents indicated that more than 50% of employees work from outside the office at least five days throughout the summer, including while on vacation.
And when employees work remotely, they are outside of the secure confines of the organization’s office. They are more likely to use public WiFi, which security professionals know are highly susceptible to being hacked and distributing malware. Who can forget the results of our survey in which nearly half of the security professionals interviewed at RSA 2019 said they’d rather walk barefoot in a public restroom than connect to an unsecured public WiFi network?
In addition, they can be more susceptible to email attacks, as they rely more on personal and mobile email, which may not have the same protections in place as their company email. Being outside the office often means that they’re simply more relaxed and may let their guard down.
A third of security pros (34%) believe that the increase in threat activity is tied to, or the result of, employees working remotely. Plus, nearly a third (32%) say that their network is “much less defined in the summer” because more people are working remotely.
Gone are the days when security teams could implement perimeter controls – like Firewalls and IPS – to prevent all the bad stuff from entering their network. In a recent call, an industry analyst told us that many of his enterprise clients are simply abandoning IDS/IPS solutions because they simply don’t work anymore.
Given the migration to the public cloud, the introduction of IoT and WiFi-enabled personal devices, and generally more flexible arrangements that allow employees to work at home, the concept of a true IT perimeter has crumbled. This is exacerbated when more employees are working from outside the office from new, often public locations, not just their home office. Even while IT departments insist on using VPNs to access network resources, employees getting infected remotely still represent risk by simply walking back into the office and automatically being connected to the company’s WiFi network.
The expanded attack surface is already a test for security teams, so it’s no surprise that expanding it even more during the summer, as a result of more employees working remotely, is a concern and a challenge.
We asked what scares security pros the most about employees working remotely (multiple answers allowed). The result is that they’re scared about just about everything. Does this qualify as paranoid?
As a result of increased attacks (as reported above), and increased exposure of employees, a third of security professionals (33%) believe that their organization is more vulnerable to a cyberattack in the summer months compared to other times of the year.
Response – How are Security Teams Responding to Increased Risk?
So, what are security teams doing to respond to the increased threats? Clearly, they’re being proactive about improving security during this time of increased risk.
They understand that it starts with educating employees, with 88% indicating that their company reminds and informs employees about the cybersecurity risks of working remotely. But they also recognize that this alone will not mitigate the risk.
Perhaps due to being on heightened alert, over a third (36%) believe that their response time to a cyberattack would actually be faster compared to other times of the year. Unfortunately, one out of eight (12%) says it’d be slower.
Due to this increased risk, security professionals seem to be feeling pressured not to take advantage of the same benefits that their colleagues enjoy. Thirty-six percent feel like their organization is more vulnerable to a cyber attack when they go on vacation. Plus, 38% don’t take advantage of their company’s remote work policy, despite being allowed to.
It’s summer, and the criminals are expected to dial up their attacks against personal emails and employees who may have let down their guard a bit while working outside the network. Remind them to stay vigilant and don’t mindlessly click on every link or attachment that shows up in their inboxes. Also encourage them to use a VPN whenever they use public WiFi, which will prevent a man-in-the-middle type attack.
As for your security teams, unfortunately, it’s not the time to kick back and relax. Risks are increased, so you and your organizations need to be extra cautious. Fortunately, you’re pros, and as this survey shows, IT security professionals clearly are feeling the pressure and understand that they need to be on full alert.
These findings are based on a Pollfish survey of 1,000 U.S. respondents, aged 18 and over, that identified themselves as full-time cybersecurity or information security professionals. The survey was conducted between May 14th and June 6th, 2019.