Login
A new year is almost upon us and as we look back on our accomplishments in 2022, we also look forward to helping our customers become more security resilient and be better prepared for 2023. As part of this forward-looking process, and with the help of Gartner Peer Insights, we surveyed 100 Security and IT professionals to understand their level of security maturity and obtain their perspective on the future.
The results of the survey, called βGartner Peer Insights β Future of Endpoint Securityβ can be found here in Infographic form.
Key insights from the Survey:
Regarding the first key insight, approximately two-thirds of the organizations surveyed have implemented EDR and XDR capabilities. These two capabilities are critical to detecting and eliminating threats, either before a breach has occurred or before a breach has had an opportunity to create damage.
Another key insight is related to endpoint vendor selection. In the survey, itβs noted that the top criterion organizations are looking for when selecting an endpoint security solution is the ability to support a hybrid workforce. This isnβt surprising given the events that have occurred over the last few years and the mix of remote workers expanding to working from home. Many organizations feel that the hybrid workforce is here to stay, in varying levels of remote workforce vs. on-premises workforce. The obvious implications directly related to the endpoint solutions are flexibility (e.g., deployment options), scalability, efficacy, resilience, and manageability, as a few examples.
The survey infographic provides much more insights than these two examples. The good news is that Cisco Secure Endpoint meets the challenges ahead for 2023 and beyond. If you havenβt researched Secure Endpoint lately, go here to see Whatβs New.
To find out more insights from the 100 Security and IT professionals we surveyed, please read the βGartner Peer Insights β Future of Endpoint Securityβ survey.
Weβd love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Organisations have been forced to adapt rapidly over the past few months as government lockdowns kept most workers to their homes. For many, the changes theyβve made may even become permanent as more distributed working becomes the norm. This has major implications for cybersecurity. Employees are often described as the weakest link in the corporate security chain, so do they become an even greater liability when working from home?
Unfortunately, a major new study from Trend Micro finds that, although many have become more cyber-aware during lockdown, bad habits persist. CISOs looking to ramp up user awareness training may get a better return on investment if they try to personalize strategies according to specific user personas.
What we found
We polled 13,200 remote workers across 27 countries to compile the Head in the Clouds study. It reveals that 72% feel more conscious of their organisationβs cybersecurity policies since lockdown began, 85% claim they take IT instructions seriously, and 81% agree that cybersecurity is partly their responsibility. Nearly two-thirds (64%) even admit that using non-work apps on a corporate device is a risk.
Yet in spite of these lockdown learnings, many employees are more preoccupied by productivity. Over half (56%) admit using a non-work app on a corporate device, and 66% have uploaded corporate data to it; 39% of respondents βoftenβ or βalwaysβ access corporate data from a personal device; and 29% feel they can get away with using a non-work app, as IT-backed solutions are βnonsense.β
This is a recipe for shadow IT and escalating levels of cyber-risk. It also illustrates that current approaches to user awareness training are falling short. In fact, many employees seem to be aware of what best practice looks like, they just choose not to follow it.
Four security personas
This is where the second part of the research comes in. Trend Micro commissioned Dr Linda Kaye, Cyberpsychology Academic at Edge Hill University, to profile four employee personas based on their cybersecurity behaviors: fearful, conscientious, ignorant and daredevil.
In this way: Fearful employees may benefit from training simulation tools like Trend Microβs Phish Insight, with real-time feedback from security controls and mentoring.
Conscientious staff require very little training but can be used as exemplars of good behavior, and to team up with βbuddiesβ from the other groups.
Ignorant users need gamification techniques and simulation exercises to keep them engaged in training, and may also require additional interventions to truly understand the consequences of risky behavior.
Daredevil employees are perhaps the most challenging because their wrongdoing is the result not of ignorance but a perceived superiority to others. Organisations may need to use award schemes to promote compliance, and, in extreme circumstances, step up data loss prevention and security controls to mitigate their risky behavior.
By understanding that no two employees are the same, security leaders can tailor their approach in a more nuanced way. Splitting staff into four camps should ensure a more personalized approach than the one-size-fits-all training sessions most organisations run today.
Ultimately, remote working only works if there is a high degree of trust between managers and their teams. Once the pandemic recedes and staff are technically allowed back in the office, that trust will have to be re-earned if they are to continue benefiting from a Work From Home environment.
The post Survey: Employee Security Training is Essential to Remote Working Success appeared first on .
FreshRSS 