With the rise of hybrid and remote work environments, security leaders have wondered how best to protect their employees. The 2023 State of Hybrid Work and Browsing Security Survey Report by Red Access sheds light on the challenges faced by CISOs in today's age of hybrid work. The report's primary points of interest include the impact of the hybrid workforce on security posture, the new risks this way of work introduces as well as modern CISOs' chief concerns and strategies for hybrid work security moving forward.
The report is based on the survey responses of 300 CISOs from the U.S. and U.K., hailing from companies of 5,000 or more employees. Among the report's most critical findings is the revelation that browsing-based threats ranked as CISOs' number one concern, regardless of whether their organization was operating primarily in an in-office, hybrid or remote setting. And as for the risks posed by hybrid and remote workers specifically, insecure browsing also topped the list of CISOs' concerns.
The report goes on to reveal a number of other key findings around the role of hybrid and remote work, and their impact on organizational security, including:
- Nearly two-thirds (63%) of CISOs said they anticipate most employees at their organizations would work under a primarily hybrid or remote model in three years' time.
- 72% of CISOs agree that the hybrid and remote workforce has a negative impact on their organization's security posture.
- When asked to select the Top 3 most significant cyber threats to their organizations, "Browsing Threats" topped the list, with nearly half (43%) ranking it as a top concern. CISOs also ranked "insecure browsing" as the #1 hybrid/remote work security concern that puts their organizations at the most risk.
- Rates of adoption of SWGs are significantly lower at organizations in which most employees would be working in a remote or hybrid environment in three years' time (47%) than they are at organizations at which employees would be working primarily in-office (55%).
- 73% of CISOs said that, when selecting a new security solution, it is either "extremely important" or "very important" that it enables a seamless end-user experience on any device.