As hybrid work empowers employees to work from anywhere and ensure business continuity for enterprises, the use of unregistered devices by employees to access work platforms is adding new security challenges for organizations in Singapore, according to a new Cisco study.
Nearly 9 in 10 (89%) respondents in Singapore say their employees are using unregistered devices to log into work platforms. About 77% say their employees spend more than 10% of the day working from these unregistered devices.
This risk associated with such a practice is recognized by security leaders with 89% of respondents in Singapore saying logging in remotely for hybrid work has increased the likelihood of occurrence of cybersecurity incidents.
This scenario is further complicated as employees are logging into work from multiple networks across their homes, local coffee shops, and even supermarkets. About 91% of respondents in Singapore say their employees use at least two networks for logging into work, and 35% say their employees use more than five networks.
The report titled "My Location, My Device: Hybrid work’s new cybersecurity challenge", surveyed 6,700 security professionals from 27 countries, including 150 security professionals from Singapore. It highlights concerns of security professionals around the use of unregistered devices and potentially unsecured networks to access work platforms and the risks associated with such behaviors.
"As hybrid work becomes the norm, companies are empowering their employees to work from anywhere. While this has brought many benefits, it is also opening new challenges, especially on the cybersecurity front, as hackers can now target employees beyond traditional corporate network perimeters. To make hybrid work truly successful in the long run, organizations need to protect their business with security resilience. This includes establishing visibility on their networks, users, endpoints, and applications to acquire insights into access behaviors, leveraging these insights to detect threats, and harnessing threat intelligence to respond against them on-premises or in the cloud,” Director, Cybersecurity, Cisco ASEAN Juan Huat Koo said.
The use of unregistered devices is adding a new layer of challenge for security professionals as they tackle complexities in the current threat landscape. 6 out of 10 respondents in Singapore said they had experienced a cybersecurity incident in the past 12 months. The top three types of attacks suffered were malware, phishing, and denial of service attacks.
Among those who suffered an incident, 85% said it cost them at least US$100,000, and 58% said it cost them at least US$500,000. Among those who suffered an incident, 85% said it cost them at least US$100,000, and 58% said it cost them at least US$500,000.
With the challenges well recognized, 90% of security leaders in Singapore expect their organization to increase its cybersecurity budget by more than 10% over the next year, and 94% expect upgrades to IT infrastructure in the next 12-24 months.
“As Singapore moves towards a digital future, we need to confront a new world of increasingly complex and sophisticated threats. With the workforce distributed in today’s hybrid work environment, it is critical for businesses to move away from stand-alone security to security resilience which looks at detection, response, and recovery on a single, integrated platform. People are a cornerstone for fostering this resilience. Businesses first need to educate their workforce on security best practices then use technology as the eyes and ears of the network, leverage actionable intelligence to take the right action where it’s most important, and automate that response so they can emerge stronger from threats,” said Andy Lee, Managing Director, Cisco Singapore and Brunei.