A growing number of users are buying and connecting unsanctioned devices outside IT department’s purview, and as a result threat levels are on the rise, making IT support more complex, time-consuming and costly than ever, according to a recent HP security report.
HP Wolf Security Report: Out of Sight & Out of Mind, a global study on cybersecurity in the context of Working From Home (WFH) during and after the pandemic.
The report combines data from a global YouGov online survey of 8,443 office workers who shifted to Working from Home during the pandemic, and a global survey of 1,100 IT decision makers.
The survey has found out that ‘Shadow IT’ (non-IT department deploying software beyond the purview of IT) is increasing, and hence security threats also. Phishing has become more successful.The survey says that 74 per cent of IT teams have seen a rise in the number of employees opening malicious phishing links or attachments on emails in the last 12-months. Forty per cent of office workers surveyed aged 18-to-24 have clicked on a malicious email with almost half (49%) saying they have done so more often since working from home.
“People often don’t know if they have clicked on something malicious, so the real numbers are likely much higher,”said Ian Pratt, Global Head of Security for Personal Systems, HP Inc. “Threat actors don’t always announce themselves, as playing the ‘long game’ to move laterally and infiltrate higher-value infrastructure has proven to be more lucrative. For example, by using cloud backups to exfiltrate sensitive data in bulk, encrypting data on servers, then demanding a multi-million-dollar ransom.”
Pratt added: “It shouldn’t be this easy for an attacker to get a foothold—clicking on an email attachment should not come with that level of risk. By isolating and containing the threat you can mitigate any harmful impact, preventing persistence and lateral movement.”
With threats rising, it’s becoming more difficult for IT teams to deliver security support. The survey says that 77% of IT teams said the time it takes to triage a threat has increased in the past year, while an estimated 62 per cent of alerts relating to the endpoint are false positives, leading to wasted time. With IT teams tied up dealing with alerts, it’s becoming harder for them to onboard employees and identify threats. As a result, IT teams estimate the cost of IT support in relation to security has risen by 52 per cent in the last 12-months.
It has emerged that 83 per cent of IT teams believe that the pandemic has put even more strain on IT support because of home worker security problems, while 77% of IT teams say home-working is making their job much harder and that they fear teams will burnout and consider quitting.
