If we have learned anything from the impact of the Covid-19 pandemic on our work behavior, it is that many employees are able to work remotely. For a large number of companies, this was also necessary to continue generating revenue in uncertain times. An additional benefit is that productivity increased for a group of employees. Due to such positive effects, several market experts and studies expect telework to remain popular, leading to hybrid work. At the same time, teleworking also presents security issues for the IT department, which we learn from Infoblox.
The last two corona years have changed the way businesses and consumers do business. Many have had to adapt and adopt more digital services with the aim of limiting physical contact and combating the spread of Covid-19. And although the Dutch are resuming their daily lives before the corona, there are still consequences of the virus. Think of the desire of employees to work from home, but also of a country like China, where cities are closing down, resulting in supply problems in our country.
During the corona, companies were forced to adapt in no time. Only in this way could they comply with government policy and the wishes of employees and customers as quickly as possible. In some cases, this has resulted in IT modernization projects that would normally take years to take place in weeks or months. Cyber-attackers also benefited from this rapid adaptation as they adapted to the new way of working.
Infoblox therefore conducted a survey among 1,100 IT and cybersecurity decision makers and influencers to determine security status by the end of the second corona year. In doing so, it looked at measures to limit the risks to remote staff. After all, many organizations allowed employees to work from home, even though this was not possible for all professions.
Overall, accelerating modernization projects have been an attractive choice for most companies. This acceleration was necessary to continue to be able to support employees and customers in a good way.
If we then look at the risks associated with innovation-driven and teleworking, we see that organizations are most concerned about ransomware and cloud attacks. The question is how justified this is for the Netherlands in particular. Infoblox sees that our country has had more to do with denial-of-service (DoS) attacks than the rest of the world.
By extension, most IT executives expect more budget for the purchase of cloud and hybrid-based IT security solutions. According to Infoblox, this is a sign that a majority of the workforce in the corporate environment is a thing of the past. Infoblox therefore dares to say that information security as before the Covid-19 pandemic will no longer return.
What risks do companies run?
The whole shift has increased the risk of a cyber attack, especially if not enough was done. We will discuss the possible steps to prevent and mitigate attacks a little later in this article, but first we will dive into the actual problems. Infoblox notes, for example, that almost half (46 percent) of Dutch organizations have had to deal with one to five cyber attacks in the past year. With 52 percent, this did not lead to a breakup. Of the companies that experienced a breach, the most likely attack vectors were endpoints and third-party vendors.
In addition, Advanced Persistent Threats (APTs), where cybercriminals gain extended access to a corporate network, are a primary attack vector. Dutch organizations are slightly more likely to fall victim to an APT (50 percent) than phishing (48 percent). Ransomware also scores high with 46 percent. While zero-day utilizations are less common (21 percent), they are nonetheless a significant risk.
It is also striking that half of the organizations had to deal with malicious parties who abused a vulnerability to gain illegal access. Just under half experienced data filtering and credential hijacking in attacks. When cybercriminals came in, 42 percent of organizations experienced Distributed Denial-of-Service (DDoS) attacks. In that case, sensitive data was revealed in 38 percent of the companies. The consequences of such conditions are not at all pleasant when one realizes the damage. For example, almost half were dealing with a maximum of 882,690 euros in direct and indirect damage.
Perception of Dutch companies
The risk figures are in line with the concerns of Dutch companies. During the second corona year, 46 percent were concerned about data breaches. At the same time, ransomware (41 percent) and attacks targeting cloud services (31 percent) are concerns. On the question of what Dutch organizations are least prepared for, ransomware, insider threats and data leaks are mentioned, respectively.
However, a majority of Dutch companies (64 percent) are confident of responding to a threat within 24 hours. For this, they use threat hunting tools, such as an external threat information platform, DNS (Domain Name System) queries and DNS responses. Nevertheless, threat detection remains difficult due to lack of IT staff, money and remote monitoring.
Tip: DNS data is a goldmine, but integration is needed
Acceleration is the key
If we zoom in a little further on the impacts of the IT strategy, we see that the time frame for modernizing the IT infrastructure has been shortened by 45 percent. A large proportion of Dutch companies have also added more protection to networks and databases. It is striking that organizations from our country compared to other countries embed more security at the edge of the network. For example, this is a priority more often than creating a customer portal.
Infoblox’s research also looked more closely at popular safety steps to support teleworking. For example, 65 percent seem to have rolled out virtual private networks (VPNs) or firewalls for this. Exactly half preferred cloud-managed DDI servers (DNS, DHCP and IP Management), an area where Infoblox itself is active. This secures a significant portion of the connections in your corporate network. In a previous article, we explained how Infoblox achieves this exactly.
Following the study, Infoblox also notes that companies recognize the importance of good DNS as part of a perimeter defense. When looking at DNS as part of their security strategy, many companies cite threat protection such as DNS tunneling (36 percent) as a use case. In addition, they see benefits in detecting malware activity (43 percent) and detecting devices that connect to malicious destinations (46 percent).
More interest in frameworks and network protection
In 2021, the increased risks caused most organizations to increase their security budget. This year, even 66 percent expect more budget for cybersecurity. To secure local environments, network security and network traffic monitoring are the most popular options. Securing cloud environments will be addressed by most companies with cloud access security brokers and secure web gateways. Companies that have a more hybrid approach are likely to choose hybrid versions of VPNs / access control (40 percent), DNS security (36 percent), and endpoint security (35 percent).
In addition, Infoblox looked at the popularity of the Secure Access Service Edge (SASE) framework, which incorporates many of the previously discussed security concepts. This framework has been fully or partially implemented by just over half of the companies several years after it was first mentioned. A further 29 percent plan to implement SASE across the organization. According to Infoblox, this is a result of assets, access and security moving from the core of the network to the edge.
All in all, Infoblox’s research shows that despite the benefits to organizations, teleworking poses security challenges. Many companies seem to be aware of this and are willing to invest extra in security. As the trend of working outside the office environment is not yet out of sight, this seems like a good choice. After all, cybercriminals are fully innovative in taking advantage of new opportunities to work from home and hybrid work, thus causing harm.
Tip: How do you secure your home workplace?