91% of IT teams have felt ‘forced’ to trade security for business operations | ZDNet
A new survey suggests that the majority of IT staff have felt pressured to ignore security concerns in favor of business operations.
The coronavirus pandemic has caused enormous economic damage, and as the virus continues to sweep across the globe, many businesses have suffered. In order to keep operations ticking over — or to facilitate the changes needed in order to survive — employers turned to virtual meetings and remote working.
While working from home may once have appeared to be just a temporary measure, remote and hybrid work is now firmly entrenched in some sectors — and there may be serious ramifications for cybersecurity.
On Thursday, HP Wolf Security published a new study, the Security Rebellions & Rejections report, which combines data from an online YouGov survey targeting office workers that adopted WFH and global research conducted with IT decision-makers.
In total, 91% of those surveyed said that they have felt “pressured” to compromise security due to the need for business continuity during. 76% of respondents said that security had taken a backseat, and furthermore, 83% believe that working from home has created a “ticking time bomb” for corporate security incidents.
IT teams, their workloads, and the need to compromise are not the only issues — it also appears there are general feelings of apathy and frustration when it comes to managing cybersecurity in a remote workplace.
According to the survey, younger workers, in particular, are more likely to circumvent existing security controls in order to manage their workloads, with 48% of this group saying that security tools, such as website restrictions or VPN requirements, are a hindrance — and 31% have at least attempted to bypass them.
Overall, 48% of office workers said that security measures waste time and 54% in the 18 – 24-year-old bracket were more concerned with meeting deadlines than potential security breaches. In addition, 39% of this group were unsure or unaware of their employer’s security policies.
Other points of note include:
- 37% of office workers believe security policies are often too restrictive
- 80% of IT teams experienced backlash from home users because of security policies
- 83% of IT teams said the blurred lines between home and work life made enforcement “impossible.”
“CISOs are dealing with increasing volume, velocity, and severity of attacks,” commented Joanna Burkey, HP CISO. “Their teams are having to work around the clock to keep the business safe while facilitating mass digital transformation with reduced visibility. Cybersecurity teams should no longer be burdened with the weight of securing the business solely on their shoulders; cybersecurity is an end-to-end discipline in which everyone needs to engage.”
Previous and related coverage
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0