There is a stark contrast between Indian organisations’ plans for a hybrid work model and the reality of securing it, according to the findings of a recent study published by cybersecurity firm Tenable.

The global study revealed that 71 per cent of organisations in India attribute recent business-impacting cyberattacks to vulnerabilities in technology put in place in response to the pandemic.

The data is drawn from ‘Beyond Boundaries: The Future of Cybersecurity in the New World of Work’, a commissioned study of more than 1,300 security leaders, business executives and remote employees worldwide, including 92 responses in India, conducted by Forrester Consulting on behalf of Tenable.

Culture shift

As per the report, 80 per cent of Indian organisations plan to have employees working from home at least once a week in the next 12-24 months, while 63 per cent plan to make a permanent move to remote work over the next two years.

However, 53 per cent of security and business leaders showed concerns that their organisations are only somewhat or not at all prepared to secure their workforce strategy.

Also see: ‘Cultural adaption, ensuring trust key for success of digitisation’

The lack of employee awareness to secure home networks and personal devices (53 per cent) and visibility into employee security practices (56 per cent) are the specific challenges that emerged in terms of security.

Furthermore, only 29 per cent of respondents felt that they have enough staff to adequately monitor the attack surface.

“It’s clear that organisations need to eliminate blind-spots by shoring up their defences to support the next phase of their workforce model,” the report said.

Third-party vendors

The study also found that the fast deployment of new technologies to facilitate remote work heightened the level of risk for Indian businesses. In the past year, a significant 88 per cent of Indian organisations experienced a business-impacting cyberattack, with 56 per cent of respondents indicating that the attacks targeted remote workers.

63 per cent of security leaders attributed recent attacks to a third-party software vendor compromise — underscoring the need for greater visibility into the atomised attack surface.

New reality

“The future of work is without perimeters and organisations must be prepared to secure their new reality,” said Kartik Shahani, country manager at Tenable India.

“It’s more important than ever for business and security leaders to lock arms and weave cybersecurity into the fabric of their organisations’ digital infrastructure. Organisations must rethink their approach to understanding and managing cyber risks in the new world of work,” Shahani added.

Also see: Can’t but bank on cybersecurity

“Hybrid work models and a digital-first economy have brought cybersecurity front and centre as a critical investment that can make or break short- and long-term business strategies,” the report further added.

In a bid to address this demand, Indian security leaders plan to increase cybersecurity investments in vulnerability management (92 per cent), cloud infrastructure and platforms (84 per cent) and identity access management (66 per cent).