Businesses are feeling more confident about securing hybrid work
>
According to new research from cybersecurity firm Thales, companies are more confident in securing hybrid work after a pandemic.
More than eight in ten – 84% – of IT professionals in 2022 said they were “somewhat” confident in the ability of their current user access security systems to work securely and easily remotely, up from 56% in 2021.
In addition, 60% of these 2022 respondents said they had “high confidence” in the capability of these systems, compared to just 22% in 2021.
How are approaches to security changing?
The report notes that some types of approaches to securing the organization are emerging, with multi-factor authentication (MFA) adoption growing for internal and non-IT workers, rising to 40% in 2022 compared to 34% in 2021.
However, according to the survey, widespread adoption of MFA by companies is still the norm with just over half (56%) adopting MFA in their organizations.
The pandemic also reportedly impacted plans to adopt cloud-based access management: 45% of respondents worldwide plan to deploy this technology by 2022, compared to 41% in 2021 according to Thales.
Responses also revealed a 6% global increase in plans to deploy stand-alone MFA, up from 31% in 2021.
Garrett Bekker, principal analyst at 451 Research, noted, “Just as the threat landscape has evolved, so have the tools and methods of dealing with the landscape.”
“But even with innovative tools and increased trust levels, security plans and approaches still need to adapt to the ever-changing threat environment.”
He added, “A greater shift to a Zero Trust model would put access management at the heart of enterprise security strategies, with a related reliance on MFA as a critical supporting factor.”
Unfortunately, MFA alone cannot protect your business from harm 100% of the time.
Cybersecurity researchers at Sophos have highlighted that some attackers are now stealing session cookies, allowing them to bypass MFA, as these tools consider hackers authenticated while using the stolen cookies.
According to Sophos, some of these cookies were sold on the darknet black market Genesis.