HP study has revealed that 91% of IT teams feel pressure to compromise security. HP launched the HP Wolf Security Rebellions & Rejections report, thorough worldwide research that highlights the friction between IT teams and workers working from home (WFH) that security professionals must overcome in order to safeguard the future of work.
The findings demonstrate that, in the face of increasing risks, IT teams have been forced to compromise security in order to maintain business continuity. Worse, their attempts to improve or update security measures for remote workers have frequently been turned down. This is especially true for the future workforce of 18-24-year-olds, who are digital natives who are becoming increasingly dissatisfied with security getting in the way of deadlines, prompting many to evade measures.
The new HP Wolf Security report incorporates data from a global YouGov online poll of 8,443 office workers who switched to WFH during the pandemic, as well as a global Toluna survey of 1,100 IT Decision Makers. The following are some of the key findings:
• During the pandemic, 76 percent of IT teams admitted that security took a backseat to business continuity, and 91 percent felt pressured to sacrifice security for business continuity.
• Nearly half (48%) of younger office workers (18-24 years old) surveyed said security tools were a barrier, leading to nearly a third (31%) attempting to work around corporate security standards.
• According to the survey, 48 percent of office workers feel that ostensibly necessary security measures waste a lot of time; this number climbs to 64 percent among those aged 18-24.
• Over half of 18–24-year-olds (54%) are more concerned about meeting deadlines than exposing their employer to a data breach; 39% are unsure what their company’s security rules are, or whether they even have them – indicating an increasing level of apathy among younger workers.
• As a result, 83% of IT teams believe that the rise in home employees has created a “ticking time bomb” for a business network attack.
“The fact that workers are actively circumventing security should be a worry for any CISO – this is how breaches can be born,” comments Ian Pratt, Global Head of Security for Personal Systems, HP Inc. “If security is too cumbersome and weighs people down, then people will find a way around it. Instead, security should fit as much as possible into existing working patterns and flows, with technology that is unobtrusive, secure-by-design and user-intuitive. Ultimately, we need to make it as easy to work securely as it is to work insecurely, and we can do this by building security into systems from the ground up.”
Many security teams have made measures to control user behaviour in order to keep data safe, according to the research. To cater for the surge in working from home, 91 percent have revised security measures, while 78 percent have restricted access to websites and applications. Users, on the other hand, frequently hate these controls and push back on IT, leaving security staff feeling defeated and rejected:
• Security rules and technology are often too restrictive, according to 37% of office workers polled.
• Eighty percent of IT teams have received pushback from users who don’t enjoy having controls placed on them at home; 67 percent of IT teams say they get complaints about this on a weekly basis.
• Trying to develop and enforce company standards surrounding cybersecurity, according to 83 percent of IT teams, is impossible given because the barriers between personal and professional lives are so blurred.
• Eighty percent of IT teams believe that IT security has become a “thankless duty” since no one pays attention to them.
• 69 percent of IT teams claimed they are made to feel like the “evil guys” because they impose limits.
“CISOs are dealing with increasing volume, velocity and severity of attacks,” comments Joanna Burkey, Chief Information Security Officer (CISO),HP Inc.
Further explained, “Their teams are having to work around the clock to keep the business safe, while facilitating mass digital transformation with reduced visibility. Cybersecurity teams should no longer be burdened with the weight of securing the business solely on their shoulders, cybersecurity is an end-to-end discipline in which everyone needs to engage.”
Burkey continues: “To create a more collaborative security culture, we must engage and educate employees on the growing cybersecurity risks,while IT teams need to better understand how security impacts workflows and productivity. From here, security needs to be re-evaluated based on the needs of both the business and the hybrid worker.”
HP is assisting enterprises in securing the hybrid workplace by providing endpoint security that is both visible and unobtrusive. Organizations benefit from HP Wolf Security’s strong, built-in security from silicon to the cloud and BIOS to the browser. It enables Cybersecurity teams to provide user-friendly tools and assist in removing restrictions while simultaneously offering defense-in-depth and enhanced protection, privacy, and threat intelligence, and capturing data at the endpoint to help defend the business as a whole.
