Microsoft examined changes in the first two months of the pandemic in digital transformation and information security. About 800 cyber security executives at companies with more than 500 employees in India, Germany, the United Kingdom and the United States took part in the study.
The survey results reflected five major trends in cybersecurity:
- Security is the foundation for productivity in the digital age. Improving productivity when working remotely is a top priority for business unit cyber security executives (41%), and “extending data protection technology to more remote work applications” was cited by respondents as the most positive development for users in this area. Not surprisingly, “providing secure remote access to resources, applications and data” is also the biggest challenge. Most companies surveyed cited implementing multi-factor authentication as the first step toward that goal.
- Everyone is on their way to the Zero Trust concept. The concept went from being an interesting opportunity to a business priority in the early days of the pandemic. In light of the shift to remote working, 51% of IS executives are accelerating the deployment of the Zero Trust architecture. As a result, the concept could become an industry standard, as 94% of companies report that they are already implementing elements of Zero Trust to some degree.
- More different data sets – more information about possible threats. The pandemic has made it possible to assess the power of cloud technology. Microsoft monitors more than 8 trillion daily threat signals from a wide variety of sources (products, services, compromise indicator subscriptions, etc.) around the world. Automated tools have helped security professionals identify new threats before they reach customers-sometimes in fractions of a second. Cloud filters and threat detection tools have also helped alert security services to suspicious behavior, which was highly relevant to businesses because 54% of security executives reported an increase in phishing attacks since the pandemic began. Successful phishing attacks were significantly more likely to be reported by companies that described their resources as predominantly on-premises (36%), compared to 26% in companies that rely on cloud infrastructure.
- Cybersecurity is the foundation for operational resiliency. As more and more organizations provide employees with secure remote working solutions. Cloud technology makes it easier to develop a comprehensive strategy to ensure protection and business continuity in the face of active cyber threats (cyber resilience) and prepare for a wide range of contingencies. More than half of companies using cloud or hybrid technologies report having a cyber resiliency strategy for most scenarios, compared to 40 percent of organizations relying on on-premises infrastructure, of which 19 percent have no such plan documented at all.
- The cloud is a prerequisite for effective security. While professionals have often thought of security as a set of solutions to be deployed on top of existing infrastructure, events such as the massive shift to remote working demonstrate the need for integrated security systems for companies of all sizes.
In addition, more than 80 percent of companies have hired security professionals since the pandemic began. The majority of IS executives reported increasing their IS budget (58%) and compliance (65%) to adapt to the multiple business impacts of the pandemic.
At the same time, 81% also reported the need to reduce company-wide IS costs. To cut costs in the short term, executives are working to improve integrated threat protection systems to significantly reduce the risk of damage from cyberattacks. Nearly 40% of enterprises say they favor investing in cloud security in the long term, followed by data and information security (28%) and anti-phishing tools (26%).
