With the workplace landscape evolving to more remote workers, the scope of cybersecurity threats and how to guard against them are also changing. According to The State of Security 2022 report by Splunk, IT and Security teams are supporting more than double the number of remote users today (46%) when compared to pre-pandemic numbers (21%).
In the latest report by Jamf Threat Labs, these security threats are explored more thoroughly. The 2023 Security 360: Annual Trends Report examines threats that impact devices used in the modern workplace. The report features information compiled from the analysis of security trends within a sample of 500,000 devices protected by Jamf across 90 countries, over 12 months.
With users connecting remotely to a variety of apps and services hosted in private and public data centers and relying on various cross-platform mobile devices, this year’s report focuses on five key security trends that are impacting organizations.
Social engineering, and specifically phishing, continues to top the list of significant cybersecurity threats. According to the report, in 2022, 31% of organizations had at least one user fall for a phishing attack and 16% of users exposed sensitive data by connecting to risky hotspots.
“The messages are intentionally written in a way to scare victims into clicking links that steal their authentication tokens, run malicious code to exploit a vulnerability on their device or simply route the victim to a bogus website impersonating a legitimate one, tricking them into providing their credentials,” the report states. “Unfortunately, by the time the user has spoken with IT, it’s usually too late.”
Cybersecurity awareness training is one of the best defensive measures for these sorts of threats, the report states. With a comprehensive user training program built into the onboarding process, followed up with updates scoped to the attacks targeting organizations globally, employees will have the knowledge necessary to recognize threats and assess the risks involved with phishing attempts.
Privacy protection is another key security trend, according to the annual report. Personal data isn’t only collected without the user’s permission; it is also potentially compromised in other ways, including:
- Nation-states enabling code to tap communication feeds
- Bad actors utilizing data for personal or financial gain and blackmail
- Businesses selling collected data — without user consent — to advertisers or third-party partners
The Jamf report reveals another aspect to consider: organizations that gather personal data as part of a legitimate operating procedure may have insufficient protections in place to secure that data from an external attack, insider threat or regulatory governance. And some of these organizations might not even be aware there is a threat. According to the report, in 2022, 5% of organizations had a potentially unwanted application installed in their device fleet.
Converging attacks into novel threats
The Jamf report states that actively monitoring endpoint health is critical when assessing combined risk factors. Combining various attacks is not new; however, according to the report, these converged threats are being actively used to target distributed workforces in new ways to gain unauthorized access to protected services and resources. Attacks can occur over any period, without detection, and can take on more than one form.
Convergence is difficult to protect against; however, there are certain practices that could help mitigate risks.
“Actively monitoring endpoints and gathering telemetry data on endpoint health status is a critical bit of data for administrators as it provides deep visibility into devices and how they fare concerning several vectors, like patch levels, especially since suspicious behaviors that may indicate a device is compromised without being seen or felt by an end user,” the report states.
Organizational data security and the importance of user privacy are a growing trend, especially with compliance, particularly with state, federal and regional regulations. Add personally owned devices to the mix, and the challenge becomes greater.
“As with most security-centric discussions, there are no silver-bullet or one-size-fits-all solutions that will cover all the bases necessary to keep your infrastructure compliant all the time,” according to the report. “We recommend implementing a defense-in-depth security strategy that provides multiple converging solutions to address your unique compliance requirements from many angles.”
The recent shift to remote work has brought a change in securing users, data and devices, utilizing cloud-based solutions to distribute security services and allow users to work on any device anywhere. However, organizations are still experiencing challenges to data security from remote and hybrid work environments.
According to the report, one in every five devices ran an operating system that was not up to date. This shows that it is essential for security to exist at all layers of a defense-in-depth strategy.
For more information, download the report.