Written by: Anthony James, VP of Product Marketing at Infoblox

Today’s cybersecurity challenges are not much different from past years’, with one slight twist – the attack surface has dramatically shifted. The pandemic forced us to rethink our IT environment as most users had no choice but to work remotely, relying on their residential internet services. This dramatic shift did not give us any time to plan connectivity or security. The result is that every user’s device can become a potential threat. But this blog is not another discussion about the perils of working from home. It is about understanding how this new paradigm affects the security thought process and what organizations have experienced concerning their security posture based on this new normal.

Anthony James, VP of Product Marketing at Infoblox

We recently commissioned a survey to understand the global state of security, including the impact of remote workers, which was completed with over 1,100 IT and cybersecurity decision-makers and influencers participants, covering 11 countries.

The participants also shed some insight into current threats and anticipated investments designed to prevent ransomware and other serious security concerns. Unsurprisingly, the report highlights that moving to a remote work environment contributed to an increase in security incidents, including data loss, ransomware, and other types of attacks via cloud services. The result of the survey is a summary of all respondents, as well as multiple regional or country-specific reports.

If you take the time to read all of the reports, you will find a commonality of tools most organizations invest in. VPN took the lion’s share of investments in the past 12 months. However, DDI and DNS technologies are growing in popularity. 41% deployed cloud-managed DDI (DNS, DHCP, and IP management) servers as security controls. When hunting down a threat source, 40% relied on network flow data that DDI provides, 39% used DNS queries, and 39% used outside threat intelligence services.

What I also found interesting is how each country diverged in the types of threats or vulnerabilities they were most concerned about in the next 12 months. Here are some examples that bring to life the fact that every region or country may face a common set of cyber threats; they may differ in the order of importance:

• Data leakage – this was the top concern amongst almost all countries surveyed, with an outlier being the US, where “ransomware” made it to the first spot.
• Ransomware – this was the second concern amongst almost all countries surveyed, with an outlier being the US, where “Data leakage” made it to the second spot.
• Attack via remote worker connections made it to third for almost all countries surveyed, with an outlier in the EMEA roll-up, where “Direct attack through cloud services” made it to third.

Another interesting finding by comparing each region or country was concerning, where organizations identified the source of a breach. The following is another sample comparing some of these reports:

• WiFi access point – this was the first source of breaches for almost all countries
• Cloud infrastructure or application – was the second source of breaches for almost all countries
• 43% of respondents pegged the cost of a breach to $1 million or more.

There are many great examples of how organizations respond to the new workforce environment, with many similarities between regions or countries.