Cybersecurity More Important Than Ever in Home Office Age
Photo by Gorodenkoff / Shutterstock.com
The coronavirus pandemic resulted in a skyrocketing of the popularity of teleworking and has, in turn, made cybersecurity a vital issue for businesses around the globe. In Hungary and the CEE region in general, organizations recognize the need for improvements; however, there are still areas where more effort is needed, the Microsoft “2020 Central and Eastern Europe IT Cloud Security Survey” reveals.
The study, compiled by market intelligence firm IDC, involved some 1,500 companies from both the SME and large enterprise categories, with 200 participants from Hungary. The other countries included in the survey were the Czech Republic, Greece, Poland, Romania, and Russia.
“The COVID-19 pandemic massively accelerated digital transformation,” said Mark Child, research manager at IDC’s European security group, adding that cybercriminals took advantage of this.
The rise of remote work resulted in more focused attention on cybersecurity issues. Hungarian companies identified protection against malware (65.5%), secure remote working (56%), and restricting employee access to only relevant applications and databases (51.5%) as the top three security priorities for the next 6-18 months.
“When people log in to work from home, they probably don’t realize they have their company’s security in their hands. They need tools and support to help them protect their digital identity and the company’s security,” noted Andrey Savchuk, head of enterprise security, compliance, and identity at Microsoft CEE.
“Businesses must take a Zero Trust approach, which includes explicitly verifying every access and user’s identity; and limiting access to what they need here and now,” he added.
There are a variety of access controls companies can use to make sure their systems remain protected. In Hungary, the most common solutions in use include endpoint protection (75.5%), secure remote access, such as VDI and VPN (74.5%), and access management (64%).
The survey also took a look at the most common security challenges faced by the companies in the past year. Slightly more than one-third of Hungarian respondents reported malware or ransomware attacks on their organization, and about 28.5% failed to meet privacy regulations such as GDPR. The third most common problem faced (24.5%) was outdated security processes and systems.
Addressing the problem of ransomware attacks, Child explained, “We also expect to see more attacks on organizations in Europe because […] the U.S. last year passed a law prohibiting the payment of ransoms and ransomware attacks because they view it as funding organized crime. The upshot of that is cyber attackers are refocusing their efforts on European organizations.”
In Hungary, approximately 44.5% of the surveyed companies had a comprehensive security strategy, while 34.5% said they had a partially developed security strategy. However, only a fraction of companies had a chief information security officer (CISO) in place to oversee cybersecurity.
Just 15% of firms in Hungary had a CISO; in 43% of cases, cybersecurity was overseen by a CIO or IT manager. Even more troublingly, at 18.5% of companies, the person responsible for IT security was a CEO or general manager. In 9.5% of the cases, the company owner was the person responsible for such duties.
“Cybersecurity decision-making is not always being elevated to the highest levels of the organization, which is necessary if we want security to be prioritized and strategically implemented across all levels of the organization,” Savchuk argued.
Another problem is the lack of comprehensive cybersecurity awareness programs. While 34.5% of Hungarian firms have a detailed awareness program, 43% conduct cybersecurity training on an ad-hoc basis. Some 14.5% of respondents said that they had no such programs at all.
“Having a patchwork of different tools and programs across a single organization can create frustration and reduce efficiency for workers. Effective security solutions will look to relieve pressure from the workforce, rather than relying on their compliance with requests for updates and log-ins on multiple different platforms,” Savchuk pointed out.
“We need people to have the same level of comfort and expectation around security controls as they do in their personal lives. Just as you wouldn’t leave your home unlocked, so you have a responsibility to understand and comply with the security measures put in place by your company,” he added.
The participating companies were also asked about the steps they thought were necessary to improve their cybersecurity. Among Hungarian companies, 61% mentioned training employees, 49.5% argued for increasing technical IT knowledge, and 45% answered that creating or expanding their cybersecurity strategy is the step to take.
On the other hand, only 8.5% of companies said that they plan to move from on-premises to cloud security, the lowest among the six countries included in the survey.
In terms of budget, most Hungarian companies realized that skipping costs would negatively affect the future. Only 2% of respondents said that they would cut their cybersecurity budget in the next two years, while 65% planned to keep it stable. About a third of companies said they are planning to increase funding.
This article was first published in the Budapest Business Journal print issue of May 21, 2021.
SUPPORT THE BUDAPEST BUSINESS JOURNAL
Producing journalism that is worthy of the name is a costly business. For 27 years, the publishers, editors and reporters of the Budapest Business Journal have striven to bring you business news that works, information that you can trust, that is factual, accurate and presented without fear or favor.
Newspaper organizations across the globe have struggled to find a business model that allows them to continue to excel, without compromising their ability to perform. Most recently, some have experimented with the idea of involving their most important stakeholders, their readers.
We would like to offer that same opportunity to our readers. We would like to invite you to help us deliver the quality business journalism you require. Hit our Support the BBJ button and you can choose the how much and how often you send us your contributions.