Half of cybersec staff taken off security, incidents double during pandemic: ISC(2) study

News by Mark Mayne

The global pandemic has seen cyber attacks grow and overall security stances slip, according to a survey from (ISC)² which says 47% of cybersec staff have been taken off security duties

The vast majority of security professionals (81 percent) have seen changes to their job function during the  COVID-19 pandemic, according to a new survey, with a significant 47 percent of respondents temporarily taken off security duties to assist with IT-related tasks such as equipping a mobile workforce.

That sudden mobile and remote requirement tallies with an understandable 96 percent of respondents’ organisations having closed physical work environments and moved to remote work-from-home policies for employees.

Concerningly, 23 percent said cyber-security incidents experienced by their organisation have increased since transitioning to remote work – with some tracking as many as double the number of incidents. In parallel, while 41 percent said their organisations are utilising best practices to secure their remote workforce, another 50 percent agreed, but admitted they could be doing more.

One respondent commented, “Security at this point is a best effort scenario. Speed has become the primary decision-making factor. This has led to more than a few conversations about how doing it insecurely will result in a worse situation than not doing it at all.”

Mark Kedgley, CTO of NNT Technologies said: “The survey goes to confirm our expectations. The sudden need to shift business operations over to a remote access model is completely at odds with security priorities where standard best practice is always to reduce function and access, not expand it. The increase in cyber-security incidents confirms what many other researchers have reported, with opportunistic phishing attacks leveraging the thirst for knowledge and exploiting the chaos and uncertainty over the last few weeks.

“In cyber-security terms, Covid-19 is a ‘zero day’ virus without any vaccine or treatment. The burden for protection falls to the nations testing and tracing processes, much like the need for intrusion detection, change control and integrity monitoring in the cyber-security world. There are parallels with the way the world was ravaged by WannaCry, with blanket shutdowns of IT systems, simply because too many didn’t have any early warning detection or outbreak tracing capabilities in place…”

The (ISC)2 COVID-19 Cybersecurity Pulse Survey highlights some positive aspects of the current situation, with 81 percent saying their organisations view security as an essential function at this time, and only a tiny percentage (15 percent) indicating that their information security teams do not have the resources they need to support a remote workforce. However, a more concerning 34 percent do have remote resources in place, but only for the time being, raising questions for the imminent future. 

“Organisations of all shapes and sizes are navigating this situation and trying to adjust to the new normal of supporting a remote workforce, and the security function is often called upon to provide leadership and solutions beyond the typical scope it covers. It’s important for cyber-security professionals to understand that they’re not alone and that many of their peers are facing similar challenges”, said Wesley Simpson, COO of (ISC)2.

Max Vetter, chief cyber officer at Immersive Labs adds: "With workforces transitioning to remote working security teams have had to contend with a whole new set of problems and threats that many have not had to face before. It is therefore vital that managers are able to see where the new holes in their human security posture are, so they are able to allocate staff and resources effectively.

“This raises the additional complexity of security professionals having to potentially learn new skills or how to handle new situations in a remote environment, This is a new situation for many security teams, and an area that traditional training cannot cover. It is important that teams are able to upskill themselves on the most recent threat data to ensure that they are sufficiently battle tested if a hacker targets their company’s remote workforce or systems..”

The (ISC)2 COVID-19 Cybersecurity Pulse Survey polled 256 global cyber-security professionals responsible for securing their organisations’ digital assets, a figure that the association of certified cyber-security professionals was keen to point out represented a snapshot of the challenges faced by the industry, rather than an in-depth study. 

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews