Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity NewswireCybersecurity News

85% of Chief Information Officers Admit Weaknesses in IT Networks during Coronavirus

cyber network
May 5, 2020
Millions of U.S. businesses forced to rapidly support home working for employees are facing significant challenges to securely manage their IT networks, according to a new report. The research from Tanium, provider of unified endpoint management and security built for demanding IT environments, reveals that nearly three-quarters (72 percent) of US CIOs find previously undiscovered computing devices on a daily or weekly basis.  
 
The findings come from a global study of 750 IT decision makers. It reveals that nearly six in 10 (57 percent) CIOs worldwide are concerned that a lack of visibility and control of endpoints – such as laptops, servers, virtual machines, containers and cloud infrastructure – will make their companies more vulnerable to cyberattacks.  
 
The study uncovers three challenges that organizations should address as home working environments become more widespread in the United States and elsewhere: 
  
1. A Surge in Unprotected Endpoints  
Unpatched devices open doors for malicious actors, especially in decentralized IT networks. More than half of survey respondents - 54 percent - say that employees and teams adding solutions and environments (i.e. cloud environments) without permission is the biggest challenge in maintaining control of the IT environment.. However, even if remote endpoints are identified, they may be left unfixed due to the considerable bandwidth and time required to connect them via VPN to a centralized patch management solution. By allowing such vulnerabilities to persist, enterprises are exposing their networks to a greater risk of exploitation and privacy breaches and these risks will likely escalate as stay-at-home orders extend in scope and duration, says the report.
 
The research also suggests that the volume of unpatched devices may increase due to the growing complexity of IT systems. Responding organizations implement an average of 38 separate security and operations tools to manage their IT environments. Such sprawl limits the effectiveness of already-siloed teams and reduces visibility into the estate. 
 
Chris Hallenbeck, Chief Information Security Officer for the Americas at Tanium said: “It’s been weeks since countless organizations switched to remote working models almost overnight, and it’s been encouraging to see how many businesses were able to transfer workflows and operate decentralized networks quickly. Yet our new research shows that the vast majority of businesses will encounter serious challenges around patch and security compliance as remote working continues. The proliferation of unknown computing devices within organizations’ IT environments, in particular, is offering malicious actors access to corporate and customer data. This threat alone will likely surge as working from home becomes the new normal.”  
 
2. Stressors that Threaten to Expose Corporate Assets 
As hackers ramp up phishing attacks on remote workers, IT leaders who lack visibility into these new endpoints may find their organizations dangerously exposed. Nearly a quarter (22 percent) of IT decision makers cite employees clicking on malicious links as a top challenge in maintaining control of the IT environment. An additional 34 percent name departments implementing their own tools without IT’s knowledge (shadow IT) as a major cause of endpoint visibility gaps.      
 
IT leaders are worried that this limited visibility of endpoints could leave their company more exposed to cyberattacks (50 percent), but also that it may damage the brand (44 percent), make risk assessments harder (35 percent), and impact customer loyalty (37 percent).  
 
3. Compliance Challenges  
Those fundamental IT weaknesses that 85 percent of CIOs are finding also carry compliance risks. Both the California Consumer Privacy Act (CCPA) and the European Union’s General Data Protection Regulation (GDPR) hold companies strictly accountable for the personal information they store and process. In a sweeping effort to adhere to such requirements, US CIOs report spending $81.9 million on compliance over the past 12 months and an additional $167 million on cyber liability insurance. In the past year, US decision makers outspent their counterparts in Europe and Japan. 
 
However, despite this increased investment, US organizations feel unprepared to deal with the evolving regulatory landscape, with 40 percent claiming that a lack of endpoint visibility and control is one of the biggest barriers to maintaining compliance regulations. As many as 67 percent are also worried that poor IT hygiene threatens their ability to remain compliant with CCPA, which went into effect in January 2020. 
 
Hallenbeck concluded, “Regardless of asset location, CIOs and CISOs need to know which assets are plugged into the network and what applications they are running. Even personal computing devices that are being used for work should be integrated into the organization's risk management practices. This may include denying a non-compliant device access until patched, and allowing the device owner to opt into the organization's endpoint management system, to guarantee that they can be monitored and remediated in the event of an incident. No organization can afford to exclude devices from their cybersecurity infrastructures, including personal ones that are increasingly shuttling sensitive customer information. While the premises may have changed, organizations still need full visibility into the IT environment to keep customer and enterprise data secure.”  
 
KEYWORDS: Chief Information Officer (CIO) cyber security endpoint security information security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

Laptop with coding on ground

Stepping Into the Light: Why CISOs Are Replacing Black-Box Security With Open-Source XDR

Gift cards and credit cards

Why Are Cyberattacks Targeting Retail? Experts Share Their Thoughts

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • digital-cyber

    Five tips for chief information security officers to increase their strategic value to the CEO and board of directors

    See More
  • person stressed at table

    85% of IT anticipate leaving their role due to burnout

    See More
  • employees working at laptops

    40% of IT workers admit to working 50+ hour weeks consecutively

    See More

Related Products

See More Products
  • databasehacker

    The Database Hacker's Handboo

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing