Securing the growing hybrid workplace presents exponential threat landscape
Palo Alto, CA (Sept. 16, 2021) – HP Inc. has released its HP Wolf Security Rebellions & Rejections report, a comprehensive global study highlighting the tension between IT teams and employees working from home (WFH) that security leaders must resolve in order to secure the future of work.
The findings show that IT teams have been forced into compromising security for business continuity at a time of rising threats. Making matters worse, their attempts to increase or update security measures for remote workers have often been rejected. This is particularly true for the future workforce of 18-24-year-olds – digital natives who feel increasingly frustrated with security getting in the way of deadlines, leading many to circumvent controls.
The new HP Wolf Security* report combines data from a global YouGov online survey of 8,443 office workers who shifted to WFH during the pandemic and a global survey of 1,100 IT Decision Makers, conducted by Toluna. Key findings include:
- 76% of IT teams admit security took a backseat to business continuity during the pandemic, while 91% felt pressure to compromise security for business continuity.
- Almost half (48%) of younger office workers (18-24 years old) surveyed viewed security tools as a hindrance, leading to nearly a third (31%) trying to bypass corporate security policies to get their work done.
- 48% of office workers surveyed agreed that seemingly essential security measures result in a lot of wasted time – this rises to 64% among those ages 18-24.
- Over half (54%) of 18–24-year-olds were more worried about meeting deadlines than exposing their organization to a data breach; 39% were unsure what their security policies say, or are unaware if their company even has them – suggesting a growing level of apathy among younger workers.
- As a result, 83% of IT teams believe the increase in home workers has created a “ticking time bomb” for a corporate network breach.
“The fact that workers are actively circumventing security should be a worry for any CISO – this is how breaches can be born,” comments Ian Pratt, Global Head of Security for Personal Systems, HP Inc. “If security is too cumbersome and weighs people down, then people will find a way around it. Instead, security should fit as much as possible into existing working patterns and flows, with technology that is unobtrusive, secure-by-design and user-intuitive. Ultimately, we need to make it as easy to work securely as it is to work insecurely, and we can do this by building security into systems from the ground up.”
The report highlights that many security teams have made efforts to curb user behavior to keep data safe. 91% have updated security policies to account for the rise in working from home, while 78% have restricted access to websites and applications. However, these controls often create friction for users, who resent the controls and push back on IT, leaving security teams feeling dejected and rejected:
- 37% of office workers surveyed said security policies and technologies are often too restrictive.
- 80% of IT teams experienced push back from users who do not like controls being put on them at home; 67% of IT teams said they experience complaints about this weekly.
- 83% of IT teams said trying to set and enforce corporate policies around cybersecurity is impossible now the lines between personal and professional lives are so blurred.
- 80% of IT teams said IT security was becoming a “thankless task” because nobody listens to them.
- 69% of IT teams said they are made to feel like the “bad guys” for imposing restrictions.
“CISOs are dealing with increasing volume, velocity and severity of attacks,” comments Joanna Burkey, Chief Information Security Officer (CISO), HP Inc. “Their teams are having to work around the clock to keep the business safe, while facilitating mass digital transformation with reduced visibility. Cybersecurity teams should no longer be burdened with the weight of securing the business solely on their shoulders, cybersecurity is an end-to-end discipline in which everyone needs to engage.”
Burkey continues: “To create a more collaborative security culture, we must engage and educate employees on the growing cybersecurity risks, while IT teams need to better understand how security impacts workflows and productivity. From here, security needs to be re-evaluated based on the needs of both the business and the hybrid worker.”
HP is helping organizations to secure the hybrid workplace by delivering transparent and unobtrusive endpoint security. With HP Wolf Security organizations benefit from robust, built-in protection from the silicon to the cloud, and BIOS to browser. It enables Cybersecurity teams to deliver user-friendly tools and help to ease restrictions, while also providing defense-in-depth and enhanced protection, privacy, and threat intelligence, gathering data at the endpoint to help protect the business at large.
- Access the report: HP Wolf Security Rebellions & Rejections report
The HP Wolf Security “Rebellions & Rejections’’ report is based on findings from:
- A Toluna survey of 1,100 IT decision makers in the UK, the US, Canada, Mexico, Germany, Australia, and Japan. Fieldwork was undertaken between 19th March – 6th April 2021. The survey was carried out online.
- A YouGov survey of 8,443 adults in the US, the UK, Mexico, Germany, Australia, Canada, and Japan who used to be office workers, and worked from home the same amount or more than before the pandemic. Fieldwork was undertaken between 17th – 25th March 2021. The survey was carried out online.
- The 2020 Cybersecurity Threat Landscape for Remote Workers as a Result of the COVID-19 Pandemic report from KuppingerCole, conducted in March 2021. This provides context and analysis of the changing work landscape in 2020 as a result of the COVID-19 pandemic with attention to the activities and practices of companies and employees globally, as well as the activities and tendencies of malicious actors to vulnerabilities that arose because of the changing context.
HP Inc. (NYSE: HPQ) creates technology that makes life better for everyone, everywhere. Through our product and service portfolio of personal systems, printers and 3D printing solutions, we engineer experiences that amaze. More information about HP Inc. is available at http://www.hp.com.
About HP Wolf Security
From the maker of the world’s most secure PCs† and Printers‡, HP Wolf Security is a new breed of endpoint security. HP’s portfolio of hardware-enforced security and endpoint-focused security services are designed to help organizations safeguard PCs, printers and people from circling cyber predators. HP Wolf Security provides comprehensive endpoint protection and resiliency that starts at the hardware level and extends across software and services.
© Copyright 2021 HP Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the expresswarranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
* HP Security is now HP Wolf Security. Security features vary by platform.
† Based on HP’s unique and comprehensive security capabilities at no additional cost among vendors on HP Elite PCs with Windows and 8th Gen and higher Intel® processors or AMD Ryzen™ 4000 processors and higher; HP ProDesk 600 G6 with Intel® 10th Gen and higher processors; and HP ProBook 600 with AMD Ryzen™ 4000 or Intel® 11th Gen processors and higher.
‡ HP’s most advanced embedded security features are available on HP Enterprise and HP Managed devices with HP FutureSmart firmware 4.5 or above. Claim based on HP review of 2021 published features of competitive in-class printers. Only HP offers a combination of security features to automatically detect, stop, and recover from attacks with a self-healing reboot, in alignment with NIST SP 800-193 guidelines for device cyber resiliency. For a list of compatible products, visit: hp.com/go/PrintersThatProtect. For more information, visit: hp.com/go/PrinterSecurityClaims.
Source: HPTags: coronavirus, cyber risk, cyber security, epidemic, Hewlett Packard (HP), silent cyber risk