As hybrid work empowers employees to work from anywhere and ensure business continuity for enterprises, the use of unregistered devices by employees to access work platforms is adding new security challenges for organizations in Thailand, according to a new Cisco study.
Slightly more than 9 in 10 (92%) respondents in Thailand say their employees are using unregistered devices to log into work platforms. About 68% say their employeesspend more than 10% of the day working from these unregistered devices.
This risk associated with such a practice is recognized by security leaders with 94% of respondents in Thailand saying logging in remotely for hybrid work has increased the likelihood of occurrence of cybersecurity incidents.
This scenario is further complicated as employees are logging into work from multiple networks across their homes, local coffee shops, and even supermarkets. About 91% of respondents in Thailand say their employees use at least two networks for logging into work, and 28% say their employees use more than five networks.
The report titled “My Location, My Device: Hybrid work’s new cybersecurity challenge”, surveyed 6,700 security professionals from 27 countries, including 150 security professionals from Thailand. It highlights concerns of security professionals around the use of unregistered devices and potentially unsecured networks to access work platforms and the risks associated with such behaviors.
“As hybrid work becomes the norm, companies are empowering their employees to work from anywhere. While this has brought many benefits, it is also opening new challenges, especially on the cybersecurity front, as hackers can now target employees beyond traditional corporate network perimeters. To make hybrid work truly successful in the long run, organizations need to protect their business with security resilience. This includes establishing visibility on their networks, users, endpoints, and applications to acquire insights into access behaviors, leveraging these insights to detect threats, and harnessing threat intelligence to respond against them on-premises or in the cloud,” Director, Cybersecurity, Cisco ASEAN Juan Huat Koo said.
The use of unregistered devices is adding a new layer of challenge for security professionals as they tackle complexities in the current threat landscape. More than 6 out of 10 respondents in Thailand said they had experienced a cybersecurity incident in the past 12 months. The top three types of attacks suffered were malware, denial of service attacks, and data leaks.
Among those who suffered an incident, 86% said it cost them at least US$100,000, and 50% said it cost them at least US$500,000.
The report also found 89% of the security leaders in Thailand stating that cybersecurity incidents are likely to disrupt their businesses in the next 12-24 months. The bright side is that they are gearing up to protect themselves from internal and external threats.
With the challenges well recognized, 93% of security leaders in Thailand expect their organization to increase its cybersecurity budget by more than 10% over the next year, and almost all (98%)expect upgrades to IT infrastructure in the next 12-24 months.
“In a digital-first world, cybersecurity threats not only impact IT, but also financial, operational, organizational, and supply chain practices. With hybrid work here to stay, it is crucial that Thai organizations relook at their overall IT and security strategy to ensure that resilience is built into every fabric of their business from the network to the endpoint and the cloud edge. Cisco’s five dimensions to security resilience can help organizations in Thailand ensure that they remain secure while providing their employees with flexibility and choice to work from anywhere and connect to everywhere whether it is on-premises or cloud,” said Taveewat Chantaraseno, Managing Director, Cisco Thailand and Myanmar.