Tuesday, 25 August 2020

Fortinet Research Demonstrates Enterprises Must Adapt to Address Telework Security Challenges Long-term

 

2020 Remote Workforce Cybersecurity Report Shows How Organizations Are Increasing


Investments to Secure Remote Work at Scale


Dubai, UAE., August 25, 2020


News Summary

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated

cybersecurity solutions, today unveiled the 2020 Remote Workforce Cybersecurity

Report.

 The report investigates the cybersecurity challenges that organizations faced as

a result of the dramatic shift to telework early this year and the planned

investments to secure remote work in 2020 and beyond.

 This report is based on a survey conducted in June 2020. Participants are

employed in 17 different countries, representing nearly all industries and the

public sector.

 For a detailed view of the report, as well as some important takeaways, read the

blog. Highlights of the report follow.

“The COVID-19 pandemic will have lasting effects on how organizations invest in

cybersecurity. In fact, over 90% of enterprises plan to invest more to secure telework

over the next two years. Given a dramatically expanded digital attack surface, the waves

of cyber threats targeting remote workers, and the ongoing cyber skills gap,

organizations need to carefully consider what technologies and approaches are needed

to secure their telework strategies long-term,” said John Maddison, EVP of Products

and CMO at Fortinet. “They have an opportunity to maximize their investments with

cybersecurity platforms designed to provide comprehensive visibility and protection

across the entire digital infrastructure, including networked, application, multi-cloud, and

mobile environments. This ongoing shift to remote work will also require more than just

technology; cybersecurity training and awareness should also remain key priorities.”

The Sudden Shift to Telework Was Challenging for Most Organizations

 As the COVID-19 pandemic spread rapidly in the first half of 2020, many

organizations were required to shift to telework practically overnight as teams

around the globe were asked to stay home. Nearly two-thirds of the firms

surveyed had to rapidly transition over half of their workforce to telework. In


addition, most respondents said the rapid change presented a challenge to their

organization, with 83% citing it as moderately, very, or extremely challenging.

Only 3% were not at all challenged.

 In addition, the evolving remote work environment, increased reliance on

personal device usage, and overall influx of workers outside the corporate

network opened an opportunity for unprecedented cyber threat activity. From

opportunistic phishers to scheming nation-state actors, cyber adversaries found

multiple ways to exploit the global pandemic for their benefit at enormous scale

as evidenced by a recent FortiGuard Labs Global Threat Landscape Report.

Threats included phishing and business email compromise schemes, nation-

state backed campaigns, and ransomware attacks. In fact, 60% of organizations

revealed an increase in cybersecurity breach attempts during the transition to

remote work, while 34% reported actual breaches in their networks.

 With a spike in employees remotely connecting to the corporate network, an

increase in breach attempts and overall cyber attacks, organizations cited the

most challenging aspects of this transition as ensuring secure connections,

business continuity, and access to business-critical applications.

 At the time of the survey enterprises had already invested in key technologies as

a result of the pandemic. Nearly half of organizations invested further in VPN and

cloud security, while nearly 40% invested further in skilled IT professionals or

network access control (NAC).


There is Still Room for Improvement: Almost All Enterprises Will Invest More in

Secure Telework

Given the number of attempted breaches and overall waves of cyber threats targeting

remote workers, organizations need to carefully consider what technologies and

approaches are needed to secure telework moving forward. Defense strategies need to

be adjusted to fully account for the extension of the network perimeter into the home.

 As of June this year, a long-term shift to telework is anticipated, with nearly 30%

of organizations expecting more than half of their employees to continue working

remotely full time after the pandemic.

 Almost all organizations expect to invest more to secure telework long-term, with

nearly 60% of enterprises spending more than $250,000 in secure telework

investments in the next 24 months.

 Moving forward, the majority of enterprises surveyed intend to make unplanned

upgrades to their existing systems to secure telework. Many also plan to add new

technologies not previously in place.

 Only 40% of organizations had a business continuity plan in place prior to the

pandemic. Yet, as a result of the pandemic and the rapid shift to remote work,

32% invested further in this area.

While organizations have made improvements in securing their remote workforces since

the beginning of the pandemic, survey data reveals several areas that could be

considered opportunities for improving secure remote connectivity. These areas include:

 Multi-factor Authentication (MFA) – The survey revealed that 65% of

organizations had VPN solutions in place pre-pandemic, but only 37% of


organizations had multi-factor authentication (MFA). While VPNs play an

important role in ensuring secure connectivity, they are simply one part of

securing access. Therefore, if not already in place, it is recommended that

organizations consider integrating MFA into their remote security plans.

 Endpoint Security and Network Access Control (NAC) – 76% and 72% of

organizations plan to either upgrade or adopt NAC or endpoint detection and

response (EDR) solutions respectively. As employees work remotely,

organizations face challenges to control the influx of non-trusted devices on their

networks to enable remote work, creating new security challenges overnight. By

adopting NAC solutions, IT teams get increased visibility and control over the

users and devices on their network. EDR solutions deliver advanced, real-time

threat protection for endpoints both pre- and post-infection.

 Software-defined Wide-area Networking (SD-WAN) for the Home: 64% of

organizations plan to either upgrade or adopt SD-WAN, but specifically for the

home office. The critical advantage of extending secure SD-WAN functionality to

individual teleworkers, especially super users, is that they can enjoy on-demand

remote access as well as dynamically scalable performance regardless of their

local network availability.

 Secure Access Service Edge (SASE) – 17% of organizations made

investments in SASE prior to the pandemic, and 16% invested in SASE as a

result of the pandemic. Still, 58% plan to invest in SASE to some degree going

forward. Although SASE is an emerging enterprise strategy, it is increasingly

seen as an opportunity to combine network and security functions with WAN

capabilities to support the dynamic, secure access needs of today’s

organizations.

 Skilled Security Professionals - At the start of the pandemic, only 55% of

organizations had enough skilled IT workers in place to support the shift to

remote work. And while 73% of organizations stated their intention to invest

further in skilled IT workers in the next 24 months, the historical lack of skilled IT

security professionals could present a challenge.

Additional Resources

 Read our blog for valuable takeaways from this research or access the full report.

 Read more about how Fortinet customers are maintaining business continuity at

scale with integrated and secure Fortinet Teleworker solutions.

 Find out how the Fortinet Security Fabric platform delivers broad, integrated, and

automated protection across an organization’s entire digital infrastructure.

 Learn more about FortiGuard Labs threat intelligence and research and the

FortiGuard Security Subscriptions and Services portfolio.

 Learn more about Fortinet’s Network Security Expert (NSE) Training Institute,

including its free cybersecurity training initiative, the NSE Certification Program,

Security Academy Program and Veterans Program.

 Read more about how Fortinet customers are securing their organizations with

Fortinet.

 Follow Fortinet on Twitter, LinkedIn, Facebook, YouTube, and Instagram. 


About Fortinet

Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and

government organizations around the world. Fortinet empowers our customers with

complete visibility and control across the expanding attack surface and the power to take

on ever-increasing performance requirements today and into the future. Only the Fortinet

Security Fabric platform can address the most critical security challenges and protect

data across the entire digital infrastructure, whether in networked, application, multi-

cloud or edge environments. Fortinet ranks #1 in the most security appliances shipped

worldwide and more than 465,000 customers trust Fortinet to protect their businesses.

Both a technology company and a learning company, the Fortinet Network Security

Expert (NSE) Training Institute has one of the largest and broadest cybersecurity

training programs in the industry. Learn more at http://www.fortinet.com, the Fortinet

Blog, or FortiGuard Labs.

=