Spotlight on Germany: Hybrid Work Brings New Cyber Risks
As German organizations plan their long-term hybrid and remote work models, embracing this new world of work opens the door to new and unmanaged cyber risk. And attackers are taking advantage. To address this, we need to change the way we're thinking about risk.
While the pandemic-driven work-from-home obligation in Germany has been revoked, many organizations still plan to continue long-term hybrid and remote work models. At the beginning of 2020, just 22% of German organizations had employees working remotely. Today, that has risen to 82%, with 65% planning to make this adoption permanent in the next 1-2 years. But, by their own admission, only 58% of German organizations feel they are prepared to support new workforce strategies from a security standpoint.
The self-reported data is drawn from a commissioned study of more than 1,300 security leaders, business executives and remote employees worldwide, including 156 respondents in Germany. The study, Beyond Boundaries: The Future of Cybersecurity in the New World of Work, was conducted by Forrester Consulting on behalf of Tenable in April 2021.
Cloud adoption enables hybrid working model
Historically, German organizations have been reluctant, and some even resistant, to embrace cloud adoption. The pandemic has completely changed that. To facilitate a remote workforce, cloud adoption has accelerated, shattering the boundaries of the corporate network and introducing exponential risk.
Seventy-three percent of German organizations said they have moved business-critical functions to the cloud, including accounting and finance (51%) and human resources (48%). When asked if this exposed the organization to increased cyber risk, 76% of security and business leaders believed it did.
Business-critical systems weren't the only ones shifted to the cloud. More than a third (35%) of German organizations also moved non-critical functions to the cloud in response to the pandemic, despite 57% of security leaders believing this increased their exposure to risk.
ينتهز المخترقون الفرص
With little attention given to security during this massive shift, attackers have taken advantage. Ninety-three percent of German organizations experienced a business-impacting cyberattack* in the last 12 months, with 57% falling victim to five or more.
When looking at the focus of these attacks:
- 78% resulted from vulnerabilities in systems and/or applications put in place in response to the pandemic
- 66% targeted remote workers or those working from home
- 61% involved cloud assets
- 61% involved an unmanaged personal device used in a remote work environment
The impact to organizations is far from trivial as 44% suffered a ransomware attack and 35% experienced a data breach.
We need to change the way we're thinking about risk
As organizations adjust to the new world of work — one that combines in-office and work-from-home models — CISOs and infosec leaders must reevaluate their approach to maintaining security in highly dynamic and disparate environments. This includes realigning themselves to the business in order to effectively reduce risk.
Security teams need visibility of their entire threat landscape, with the intelligence to predict which cyberthreats will have the greatest business impact on the organization. In tandem, controls are needed to address the risks introduced by the new world of work.
Improving the way Active Directory is configured and managed is crucial to disrupting attack paths. Organizations need to implement adaptive user risk profiles in order to continuously monitor and verify every attempt to access corporate data based on set criteria — who is requesting access, where are they connecting from and the hygiene of the device being used. If the criteria aren't met, the request is declined.
If cybersecurity strategies fail to keep pace with business changes, today's risk could become tomorrow's reality.
*A business-impacting cyberattack is one which results in one or more of the following outcomes: loss of customer, employee, or other confidential data; interruption of day-to-day operations; ransomware payout; financial loss or theft; and/or theft of intellectual property.
مقالات ذات صلة
Cybersecurity Snapshot: CISA Shines Light on Cloud Security and on Hybrid IAM Systems’ Integration
March 15, 2024Check out CISA’s latest best practices for protecting cloud environments, and for securely integrating on-prem and cloud IAM systems. Plus, catch up on the ongoing Midnight Blizzard attack against Microsoft. And don’t miss the latest CIS Benchmarks. And much more!
Poor Identity Hygiene at Root of Nation-State Attack Against Microsoft
February 1, 2024The latest breach suffered by Microsoft shows once again that detection and response are not enough. Because the source of an attack almost always boils down to a single overlooked user and permission, it’s critical for organizations to have strong preventive security.
Cybersecurity Snapshot: What’s in Store for 2024 in Cyberland? Check Out Tenable Experts’ Predictions for OT Security, AI, Cloud Security, IAM and more
December 29, 2023The new year is upon us, and so we ponder the question: What cybersecurity trends will shape 2024? To find out, we asked Tenable experts to read the tea leaves. Their 2024 forecasts include: A bigger security role for cloud architects; a focus by ransomware gangs on OT systems in critical industries; an intensification of IAM attacks; and much more!
Cybersecurity Snapshot: RansomHub Group Triggers CISA Warning, While FBI Says North Korean Hackers Are Targeting Crypto Orgs
September 6, 2024Cybersecurity teams must beware of RansomHub, a surging RaaS gang. Plus, North Korea has unleashed sophisticated social-engineering schemes against crypto employees. Meanwhile, a new SANS report stresses the importance of protecting ICS and OT systems. And a Tenable poll sheds light on cloud-native VM. And much more!
Cybersecurity Snapshot: Schools Suffer Heavy Downtime Losses Due To Ransomware, as Banks Grapple with AI Challenges
August 30, 2024The cost of ransomware downtime in schools gets pegged at $500K-plus per day. Meanwhile, check out the AI-usage risks threatening banks’ cyber resilience. Plus, Uncle Sam is warning about a dangerous Iran-backed hacking group. And get the latest on AI-system inventories, the APT29 nation-state attacker and digital identity security!
AA24-241A : Joint Cybersecurity Advisory on Iran-based Cyber Actors Targeting US Organizations
August 28, 2024A joint Cybersecurity Advisory highlights Iran-based cyber actor ransomware activity targeting U.S. organizations. The advisory includes CVEs exploited, alongside techniques, tactics and procedures used by the threat actors.
- Active Directory
- Cloud
- Executive Management
- EMEA
- BYOD
- Risk-based Vulnerability Management
- Threat Intelligence
- Threat Management
- Vulnerability Management
- Vulnerability Scanning