September 22, 2021
Tenable®, Inc., the Cyber Exposure company, published a global study that revealed 73% of Australian organisations were victims of cyberattacks targeting remote workers over the past 12 months, making them one of the biggest risks facing Australian organisations in the new world of work. Yet, no more than 29% of Australian remote workers strictly follow their organisations’ security guidelines and measures.
The data is drawn from ‘Beyond Boundaries: The Future of Cybersecurity in the New World of Work,’ a commissioned study of more than 1,300 security leaders, business executives and remote employees worldwide, including 161 responses in Australia, conducted by Forrester Consulting on behalf of Tenable.
The findings come as workers around the country once again find themselves working from home for the foreseeable future. In fact, 77% of Australian businesses plan to have employees working from home at least once a week in the next 12-24 months while 59% plan to make remote work permanent in the next 1-2 years.
The study provides a glimpse into the average home network which has shattered the traditional corporate network with roughly nine in 10 remote workers connecting six or more devices to their home networks. Further complicating matters, many remote workers access financial records (43%) and customer data (51%) from a personal device - oftentimes with little guidance to ensure data remains protected.
The study makes clear how difficult maintaining visibility into this newly distributed work environment can be for Australian organisations. Two in five security leaders say they lack visibility into remote employee home networks and their connected devices. Furthermore, a meagre 29% felt that they have enough staff to adequately monitor the attack surface.
Impact of an atomised attack surface
The study also reveals the adjustments made to facilitate remote work heightened the level of risk for Australian businesses. In the past year, a staggering 92% of Australian organisations experienced a business-impacting cyberattack, with 70% suffering an attack that resulted from vulnerabilities in systems put in place in response to the pandemic. It comes as no surprise that, as organisations adopted new technologies to embrace remote work, their software supply chain expanded. Fifty-nine percent of security leaders attributed recent attacks to a third-party software vendor compromise – underscoring the need for greater visibility into the atomised attack surface.
“The traditional, office-bound work model is gone. Organisations in Australia need to quickly embrace a hybrid work model that allows working from home to be as seamless and secure. That also means security leaders need to adjust their approach to security to meet these challenges head-on,” said Scott McKinnel, ANZ country manager, Tenable. “The next 12-24 months will truly test the grit of organisations as they navigate and secure the new world of work. It’s crucial that Australian businesses are putting the systems and processes in place to give security leaders effective visibility into the entire threat surface of the organisation.”
Hybrid work models and a digital-first economy have brought cybersecurity front and centre as a critical investment that can make or break short- and long-term business strategies. To address this demand, Australian security leaders plan to increase cybersecurity investments in vulnerability management (76%), cloud security (71%) and identity access management (71%).
To read the full study, visit: here
Note to Editors:
- Forrester conducted an online survey of 426 security leaders, 422 business executives, and 479 remote workers, as well as in-depth telephonic interviews with six business and security executives, to examine cybersecurity strategies and practices at large enterprises in the US, the UK, Germany, France, Australia, Mexico, India, Brazil, Japan, and Saudi Arabia. The study was fielded in April 2021.
- “Business-impacting” relates to a cyberattack or compromise that results in a loss of customer, employee, or other confidential data; interruption of day-to-day operations; ransomware payout; financial loss or theft; and/or theft of intellectual property.
Tenable®, Inc. is the Cyber Exposure company. Over 30,000 organisations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 30 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.
+61 478 701 734