"Security Overlooked in Rush to Hybrid Working"

Security researchers at Apogee have discovered that security is a priority for less than a fifth (14%) of organizations looking to transition fully to a hybrid or remote workforce, leaving many exposed to cyber risk.  The researchers polled 100 SME IT directors in the UK and 100 of their counterparts in the public sector.  The researchers noted that a quarter of respondents identified security challenges that have impacted their progress in digital transformation.  This is a common problem for organizations that fail to prioritize security by design in such projects.  Without security front-and-center, initiatives can be quickly derailed by breaches and other incidents.  Only a third (34%) of respondents claimed that they have endpoint security in place, and only 26% have device encryption.  In addition, only a fifth (19%) have an "end-of-life plan" in place for their devices, and a further 30% plan to implement one in the future.  That still leaves around half of the respondents with no such plans, putting devices potentially at risk if they are allowed to remain functional with no vendor patches being issued.  The researchers also found that almost one in three (29%) IT directors said they only audit their IT estate between once a month and once every 4–6 months, which could leave both networks and devices vulnerable to cyberattacks.  Nearly two-thirds (64%) admitted they are not very confident in their IT estate's ability to meet compliance requirements.

Infosecurity reports: "Security Overlooked in Rush to Hybrid Working"