So perhaps it’s not surprising that when browser security brand Red Access asked CISOs to name the most important criteria for hybrid and remote employees to successfully adopt a new security solution, employee training and communication topped the list, named by 61 percent. Likewise, when CISOs were asked more generally about the most important criteria when selecting a security solution or product to deploy within their organizations, employee user experience (35 percent) was cited more often than even pricing (34 percent) and level of security (33 percent). Similarly, “cybersecurity training for employees” was a top area of projected investment for 2023 among 500 organizations recently surveyed by NordLayer. Cited by 53 percent of respondents, training was topped only by the planned purchase of security solutions in general (59 percent). More than four in 10 respondents expressed intent in investment in “additional staff dedicated to cybersecurity questions.” “It is essential to invest in security training, tools and dedicated employees in the company and view security as continuous learning and growth,” warned NordLayer researchers. When it comes to preventing cyberattacks among hybrid workers specifically, organizations surveyed by Fortinet cited a lack of user awareness and training about cybersecurity hygiene as their top concern. A full 80 percent of respondents expressed plans to invest in cybersecurity training and awareness services. Of course, training and awareness only can go so far if a solution is overcomplicated, difficult to use or perceived as counterproductive. In turn, CISOs are placing priority on security software that is more user friendly. Solutions need to be seen as fluid with the employee’s day-to-day work, not prohibitive or inconvenient. Indeed, CISO’s widely agreed (73 percent) on the importance of a seamless staff experience, showed Red Access findings. When posed with questions regarding the importance of integrating security solutions within the understanding of employee jobs, respondents largely identified it as either very (47 percent) or extremely (26 percent) important. On the flip side, a full 99 percent of CISO expressed either significant (22 percent) or moderate (77 percent) concern over the potential for a drop in productivity from deploying a cybersecurity program that protects hybrid/remote employees’ browsing activities. CISOs need to discover their own balance between effectively protecting their workforce and not skirting productivity. Above all else, it is incumbent for CISOs to continue to evolve cybersecurity policy, keeping staff members updated throughout the process as trends in security change. This includes a focus on assessing the most-likely threats, creating a set of strategic objectives and practices for remote workers and updating that strategy as necessary. Partner and customer investments in cybersecurity are for naught if those resources are not properly employed. So much of all of this can vary, based on the companies’ behavior. For most CISOs, the goal is to minimize the impact of an errant click or stolen credential. By promoting generally safer cybersecurity policy and more sound common-sense habits based around awareness, businesses are automatically more secure. o In general, what are the most important criteria for you, as a CISO, when you select a security solution/product to deploy in your organization? Ability to integrate with other tools 45% Ease of deployment 38% Employee user experience 35% Ease of management 35% Pricing 34% Compliance to regulations 34% Level of security 33% Little IT resources required 31% Source: Red Access CYBER PATROL 26 CHANNELVISION | JULY - AUGUST 2023 Source: Enterprise Management Associates (EMA) Does your organization use wireless connectivity as a primary WAN connectivity for any of its sites? Source: Enterprise Management Associates (EMA) Yes, for many of our sites Yes, for some of our sites Yes, for specific applications (ATMs, mobile point of sale, etc.) No, it is only a backup option 39.9% 7.1% 3.0% 50.0% Skills gaps Inconsistent global performance across geographies (i.e., middle mile) Hardware complexity Lack of traditional service-level agreements None - we perceive no significant challenges 17.3% 16.3% 14.7% 13.1% 6.1% Source: NordLayer Projected cybersecurity investments for 2023 0% 20% 40% 60% 59% 53% 45% 37% 37% 11% 1% 5% Can’t disclose None Other Purchase of cybersecurity solutions/service/apps Cybersecurity traning for employees Increased staff dedicated to cybersecurity questions External cybersecurity audits Preparation for organizational certifications (ISO27001, SOC2, etc.)
RkJQdWJsaXNoZXIy NTg4Njc=