55% of organizations experienced cybersecurity incident
As hybrid work empowers employees to work from anywhere and ensure business continuity for enterprises, the use of unregistered devices by employees to access work platforms is adding new security challenges for organizations in Malaysia, according to a new Cisco study. More than 8 in 10 (83%) respondents in Malaysia say their employees are using unregistered devices to log into work platforms. About 75% say their employees spend more than 10% of the day working from these unregistered devices.
This risk associated with such a practice is recognized by security leaders with 93% of respondents in Malaysia saying logging in remotely for hybrid work has increased the likelihood of occurrence of cybersecurity incidents. This scenario is further complicated as employees are logging into work from multiple networks across their homes, local coffee shops, and even supermarkets. 93% of respondents in Malaysia say their employees use at least two networks for logging into work, and nearly half (49%) say their employees use more than five networks.
The report titled “My Location, My Device: Hybrid work’s new cybersecurity challenge”, surveyed 6,700 security professionals from 27 countries, including 150 security professionals from Malaysia. It highlights concerns of security professionals around the use of unregistered devices and potentially unsecured networks to access work platforms and the risks associated with such behaviors.
“As hybrid work becomes the norm, companies are empowering their employees to work from anywhere. While this has brought many benefits, it is also opening new challenges, especially on the cybersecurity front, as hackers can now target employees beyond traditional corporate network perimeters. To make hybrid work truly successful in the long run, organizations need to protect their business with security resilience. This includes establishing visibility on their networks, users, endpoints, and applications to acquire insights into access behaviors, leveraging these insights to detect threats, and harnessing threat intelligence to respond against them on-premises or in the cloud,” Director, Cybersecurity, Cisco ASEAN Juan Huat Koo said.
The use of unregistered devices is adding a new layer of challenge for security professionals as they tackle complexities in the current threat landscape. Over half of respondents (55%) in Malaysia said they had experienced a cybersecurity incident in the past 12 months. The top three types of attacks suffered were phishing, malware, and data leaks.
Among those who suffered an incident, 74% said it cost them at least US$100,000, and 35% said it cost them at least US$500,000. The report also found 95% of the security leaders in Malaysia believe cybersecurity incidents are likely to disrupt their businesses in the next 12-24 months. The bright side is that they are gearing up to protect themselves from internal and external threats.
With the challenges well recognized, 91% of security leaders in Malaysia expect their organization to increase its cybersecurity budget by more than 10% over the next year, and 96% expect upgrades to IT infrastructure in the next 12-24 months.
“As organizations and employees become more distributed, the demand for anywhere, anytime access to applications and services require a new approach to security. It is critical for businesses to move away from stand-alone security to security resilience which looks at detection, response, and recovery on a single, integrated platform. Businesses first need to educate their workforce on security best practices then use technology as the eyes and ears of the network, leverage actionable intelligence to take the right action where it’s most important, and automate that response so they can emerge stronger from threats,” said Hana Raja, Managing Director, Cisco Malaysia.
The findings in the report are taken from an independent survey commissioned by Cisco of 6,700 business and IT leaders with cybersecurity responsibilities at organizations ranging from 10 to over 1,000 employees globally. All interviews were conducted online during August and September 2022 with respondents representing 27 markets, touching every continent other than Antarctica.
