A shift to a cloud computing-based business model has saved some companies from collapse during the Covid-19 pandemic. A survey of 200 senior business decision makers in large- and medium-sized companies in the UK in September, also found that Covid-19 has exposed weaknesses in businesses’ IT security. 39 per cent of decision-makers agree that the pandemic has exposed gaps in their cybersecurity. Conversely, this data point suggests that a majority of companies (61 per cent) were ready for the huge security challenge posed by Covid-19 and the shift to remote working.
However, 60 per cent of business leaders agreed that they are more aware of the risks facing their organisation after a surge in phishing attacks aimed at quarantined remote workers. The research came from Centrify, a provider of identity-centric privileged access management software. Most, 60 per cent of respondents are planning to substantially increase their use of cloud-based IT during and after the pandemic.
A majority, 56 per cent of those surveyed said that remote working has made it harder to identify potential hackers impersonating staff, and, as a result, more than half (51 per cent) say remote working has led to an increase in insider threats. This highlights a need for modern cybersecurity solutions that can limit access and privilege by segregating duties, implementing access request and approval workflows, and leveraging behaviour analytics based on machine learning technology.
Comment
Andy Heather, VP, Centrify says: “Facing the security threats posed by Covid-19 continues to be no easy task, but fortunately business leaders have been rewarded for their trust in public cloud adoption.
“Addressing this concern starts with adopting a cloud-ready privileged access management security solution to enforce least privilege, only granting administrative users just enough access to resources, just in time to do the job required. A modern approach to privileged access control enables businesses to continue remote operations across scalable multi-cloud environments whilst remaining confident that internal threats are flagged, blocked and neutralised.”
