WFH model disrupting network security business practices, says study

While this disruption to network security felt by two thirds of businesses was said to be at least moderate, 23% of participants in the Neustar study declared major disruption.

Additionally, 29% said that they didn’t have a business plan in place to keep their network secure in the midst of a major event such as the current COVID-19 pandemic.

In regards to connectivity using virtual private networks (VPNs), 61% cited minor connectivity issues, while only 22% said that their VPN coped with the shift to remote working.

The research, which was released by the Neustar International Security Council (NISC), was based on a survey of 303 senior cyber security professionals based across Europe and the United States.

Spearheading the defence against a cyber attack requires c-suite buy-in

Spearheading the defence against a cyber attack needs the c-suite’s involvement, according to Anthony Young, director at Bridewell Consulting. Read here

“Social distancing measures that call for employees to work from home when possible have dramatically changed patterns of connection to enterprise networks,” said Rodney Joffe, chairman of NISC, and senior vice-president and fellow at Neustar. “More than 90% of an organisation’s employees typically connect to the network locally, with a slim minority relying on remote connectivity via a VPN, but that dynamic has flipped.

“The dramatic increase in VPN use has led to frequent connectivity issues, and — especially considering the disruption to usual security practices — it also creates significant risk, as it multiplies the potential impact of a distributed denial-of-service (DDoS) attack. VPNs are an easy vector for a DDoS attack.”

A rise in size and threats

An increase in size of volumetric attacks on networks has been detected, with Neustar recently mitigating an attack measured at 1.17 terabytes that required unique and diverse tactics in order to successfully fend it off.

“In times like these,” continued Joffe, “an always-on managed DDoS protection service is critical. A purpose-built mitigation solution can keep remote workforces connected and productive and ensure that business continues without interruption.”

As well as an increase in size, the NISC report revealed an increase in threats compared to previous research; the council’s International Cyber Benchmarks Index, which examines the overall cyber security picture, recorded a new high of 33.1 in March 2020, when the survey was carried out.

The index is based on the responses to five questions from a bimonthly survey of cyber security professionals. The percentage of respondents that state that certain cyber events have affected business protection is multiplied by the average “net increase” percentages relating to changes in level of threat, level of attack, and threat landscape.

Cyber attack concerns and increasing threats

When asked which cyber threats caused the most concern, 23% of respondents cited distributed denial-of-service (DDoS) as their biggest worry. This was followed by system compromise (22%) and ransomware (18%).

What are the newest cyber attacks to look out for?

With cyber attacks constantly developing and getting sneakier, we look at some of the newest attacks that companies must look out for. Read here

Regarding threats that were perceived as increasing, social engineering via email was identified by 61%, followed by DDoS attacks (59%) and ransomware (58%).

[emailsignup]

Avatar photo

Aaron Hurst

Aaron Hurst is Information Age's senior reporter, providing news and features around the hottest trends across the tech industry.