Is your business covering all of the bases when it comes to remote and hybrid security? Many companies weren’t even close to being prepared to manage IT or secure data remotely at the start of the pandemic. Then, additional complications piled up from long lockdowns that blew up maintenance schedules. Budget cuts didn’t help the cause either. This miasma of uncertainty has given way to a whole lot of companies that have security gaps – and they’re all big enough for cybercriminals to slide right into.   

Four dangerously large gaps that companies uncovered exposed major vulnerabilities in cybersecurity fundamentals. These deficiencies notch up threats for businesses and create cybersecurity loopholes that cybercriminals will be quick to slip through. Digital News reported: 

• More than 50% of organizations discovered serious gaps in employee cybersecurity awareness. 
• Almost 50% of companies have done no training for employees around remote workforce risks.
• 58% of companies found that their employees ignore their cybersecurity guidelines and policies.
• 85% of CISOs admit they sacrificed cybersecurity to quickly enable employees to work remotely. 

The Cisco Future of Remote Work Report, detailed how many companies are underwater with remote support. Organizations are struggling to find and deploy the resources that they need to keep business systems and data secure while enabling staffers to work remotely. When considering their top four challenges, companies agreed: 

• 56% have security issues with company laptops and desktops.
• 54% struggle to protect personal (employee-owned) devices. 
• 46% say customer information is difficult to protect.
• 46% have trouble securing cloud applications. 

Can We Fix These Problems Quickly & Affordably?

• Fix Bad Security Behavior with Training: Sloppy data handling, bad email hygiene and unsafe password practices are all potential vectors for trouble. Fix that fast with training. Companies that run phishing simulations for the first time are in for a shock when they discover that 40% to 60% of their employees are likely to open malicious links or attachments. But consistent training makes a huge difference. After about 6 months of training, that percentage drops 20% to 25% and after 3 to 6 months more training, that number can drop to only 10% to 18%.   

• Fix Major Security Gaps with Secure Identity and Access Management: One of the fastest, easiest and most comprehensive ways that businesses can close security gaps fast is by adopting multi factor authentication. This single mitigation stops 99% of password-based cyber crime including account attacks, credential stuffing and brute force hacking dead in its tracks instantly, according to researchers at Microsoft. But not everyone has absorbed that message – more than 50% of companies aren’t using it.   

Fuente: ID Agent