Tenable ブログ
ブログ通知を受信する
サウジアラビアでの注目すべき事例: 新しい働き方により攻撃者が狙うセキュリティのリスクが拡大する
A new world of work has been adopted by Saudi Arabian organizations, with many planning to make hybrid and remote work models permanent. Here’s how these changes are increasing risk.
The transition to cloud adoption and remote work practices, which were being cautiously adopted in Saudi Arabia prior to the pandemic, has accelerated in the past 18 months. Today, 91% of organizations have remote employees, up from just 34% in early 2020. Moving forward, the vast majority of organizations (91%) plan to adopt this working model permanently. But embracing this new world of work opens up new and unmanaged cyber risk.
The self-reported data is drawn from a commissioned study of more than 1,300 security leaders, business executives and remote employees worldwide, including 104 respondents in the Kingdom of Saudi Arabia. 「境界を超える:The Future of Cybersecurity in the New World of Work, was conducted by Forrester Consulting on behalf of Tenable in April 2021.
Introducing a hybrid working model is complex
To facilitate the new world of work, cloud adoption has surged. The majority of Saudi organizations (77%) have moved business-critical functions to the cloud. The vast majority (80%) are now running human resources fully in the cloud or in a hybrid cloud/on-prem model; 60% are doing the same for accounting and finance.
Yet, by their own admission, 63% of Saudi organizations are prepared to support new workforce strategies from a security standpoint, while 67% believe moving business-critical functions to the cloud exposes the organization to increased cyber risk.
攻撃者はチャンスに付け込んでいます
The study found that concerns about the security implications of the new world of work are warranted. Ninety-eight percent of Saudi organizations experienced a business-impacting cyberattack* in the last 12 months, with 33% falling victim to five or more. When looking at the focus of these attacks:
- 86% resulted from vulnerabilities in systems and/or applications put in place in response to the pandemic
- 71% involved cloud assets
- 66% exploited an unmanaged personal device used by a remote employee
- 57% targeted remote workers or those working from home
We need to change the way we’re thinking about risk
The pandemic has seen the corporate perimeter shattered. Organizations must reevaluate their approach to cybersecurity, making sure it is closely aligned to the business, in order to effectively reduce the risks introduced by remote work.
This requires the ability to gain a holistic view of the expanded attack surface — wherever it resides. This needs to be combined with external factors — such as identifying vulnerabilities being actively exploited and the impact these could potentially have on the organization — to enable security leaders to fully comprehend the risks posed.
Given the change to working practices, employees are operating outside the safe confines of the network with a myriad of devices. This elevates the role Active Directory plays and puts new emphasis on the importance of configurations and user privileges. Organizations need to develop adaptive user risk profiles that take context into account — who is trying to access what, where are they doing that from and what are they using to do it. And the activity needs to be continuously monitored. For example, someone using a corporate-owned device within the office perimeter during working hours may be deemed a lower risk than someone connecting using their own device over an insecure WiFi hotspot at 2:00 am.
The new world of work opens up possibilities, for employees, who can now work anywhere, and for the organization, which can benefit from the improved productivity. However, it’s imperative that security and business leaders fully explore and resolve the inherent risks involved to ensure the new ways of working don’t come at too high a cost.
If cybersecurity strategies fail to keep pace with business changes, today’s risk could become tomorrow’s reality.
*A business-impacting cyberattack is one which results in one or more of the following outcomes: loss of customer, employee, or other confidential data; interruption of day-to-day operations; ransomware payout; financial loss or theft; and/or theft of intellectual property
関連記事
Cybersecurity Snapshot: CISA Shines Light on Cloud Security and on Hybrid IAM Systems’ Integration
March 15, 2024Check out CISA’s latest best practices for protecting cloud environments, and for securely integrating on-prem and cloud IAM systems. Plus, catch up on the ongoing Midnight Blizzard attack against Microsoft. And don’t miss the latest CIS Benchmarks. And much more!
Poor Identity Hygiene at Root of Nation-State Attack Against Microsoft
February 1, 2024The latest breach suffered by Microsoft shows once again that detection and response are not enough. Because the source of an attack almost always boils down to a single overlooked user and permission, it’s critical for organizations to have strong preventive security.
Cybersecurity Snapshot: What’s in Store for 2024 in Cyberland? Check Out Tenable Experts’ Predictions for OT Security, AI, Cloud Security, IAM and more
December 29, 2023The new year is upon us, and so we ponder the question: What cybersecurity trends will shape 2024? To find out, we asked Tenable experts to read the tea leaves. Their 2024 forecasts include: A bigger security role for cloud architects; a focus by ransomware gangs on OT systems in critical industries; an intensification of IAM attacks; and much more!
- Active Directory
- Cloud
- Executive Management
- EMEA
- Remote Workforce
- Reports
- Risk-based Vulnerability Management
- Threat Intelligence
- Threat Management
- Vulnerability Management
- Vulnerability Scanning