Perfect storm of cybersecurity risks threatens the hybrid workplace
2021年10月28日 - 08:00PM
HP Inc. (NYSE: HPQ) today released its latest HP Wolf Security
report: Out of Sight & Out of Mind, a comprehensive global
study highlighting how the rise of hybrid work is changing user
behavior and creating new cybersecurity challenges for IT
departments.
The research shows that a growing number of users are buying and
connecting unsanctioned devices outside of IT’s purview. It also
highlights that threat levels are rising, with attackers
increasingly successful at bypassing defenses and tricking users
into initiating attacks through phishing. All of this is making IT
support more complex, time-consuming, and costly than ever.
The report combines data from a global YouGov online survey of
8,443 office workers who shifted to Working from Home (WFH) during
the pandemic, and a global survey of 1,100 IT decision makers
conducted by Toluna. Key findings include:
- New Shadow IT buying and installing endpoints with
security out of mind: ‘Shadow IT’ typically refers to
non-IT departments deploying software beyond the purview of IT.
This shadow is now spreading, with individuals procuring and
connecting devices without being checked by IT. 45% of office
workers surveyed purchased IT equipment (such as printers and PCs)
to support home working in the past year. However, 68% said
security wasn’t a major consideration in their purchasing decision,
while 43% didn’t have their new laptop or PC checked or installed
by IT, and 50% said the same of their new printer.
- Phishing becoming increasingly successful: 74%
of IT teams have seen a rise in the number of employees opening
malicious phishing links or attachments on emails in the last
12-months. 40% of office workers surveyed aged 18-to-24 have
clicked on a malicious email with almost half (49%) saying they
have done so more often since working from home. Of office workers
that clicked or nearly clicked a link, 70% didn’t report it to IT –
24% didn’t think it was important, 20% cited the “hassle factor”,
while 12% had a fear of reprisal or being punished.
- Increase in devices being compromised fuels growth in
rebuild rates: 79% of IT teams report rebuild rates
increased during the pandemic. Rebuild rates directly correlate to
the number of endpoints that require wiping and reimaging because
they have been compromised, which implies more attackers are
successfully breaching outer defenses. The real figure could be
higher still: 80% of IT teams worry that employee devices might be
compromised and they don’t know about it.
"People often don't know if they have clicked on something
malicious, so the real numbers are likely much higher," comments
Ian Pratt, Global Head of Security for Personal Systems, HP Inc.
"Threat actors don't always announce themselves, as playing the
'long game' to move laterally and infiltrate higher-value
infrastructure has proven to be more lucrative. For example, by
using cloud backups to exfiltrate sensitive data in bulk,
encrypting data on servers, then demanding a multi-million-dollar
ransom.”
Pratt continues: "It shouldn't be this easy for an attacker to
get a foothold - clicking on an email attachment should not come
with that level of risk. By isolating and containing the threat you
can mitigate any harmful impact, preventing persistence and lateral
movement."
The increasing unmanageability of IT security
support
With threats rising, it’s becoming more difficult for IT teams
to deliver security support. 77% of IT teams said the time it takes
to triage a threat has increased in the past year, while an
estimated 62% of alerts relating to the endpoint are false
positives, leading to wasted time. With IT teams tied up dealing
with alerts, it’s becoming harder for them to onboard employees and
identify threats:
- 65% of IT teams said that patching
endpoint devices is more time-consuming and difficult due to the
mass shift to home working, while 64% said the same of provisioning
and onboarding new starters with secure devices.
- As a result, IT teams estimate the
cost of IT support in relation to security has risen by 52% in the
last 12-months.
- 83% of IT teams said the pandemic
has put even more strain on IT support because of home worker
security problems, while 77% of IT teams say homeworking is making
their job much harder and that they fear teams will burnout and
consider quitting.
“As IT continues to grow in complexity, security support is
becoming unmanageable,” Pratt concludes. "For hybrid working to be
a success, IT security teams need to be freed from spending hours
provisioning and fielding user access requests so they can focus on
tasks that add value. We need a new security architecture that not
only protects against known and unknown threats, but that helps to
reduce the burden to liberate cybersecurity teams and users alike.
By applying the principles of Zero Trust, organizations can design
resilient defenses to keep the business safe and recover quickly in
the event of a compromise.”
HP is helping organizations to secure the hybrid workplace by
delivering endpoint security that provides teams with greater
visibility and management tools. With HP Wolf Security1
organizations benefit from robust, built-in protection from the
silicon to the cloud, and BIOS to browser. HP Wolf Security
provides the ideal support for securing the hybrid workplace – for
example HP Sure Click Enterprise2 reduces the attack surface by
rendering malware, delivered via email, browser or downloads,
harmless through threat containment and isolation. HP Wolf Security
enables teams to deliver defense-in-depth and enhanced protection,
privacy, and threat intelligence, gathering data at the endpoint to
help protect the business at large.
About the research
The HP Wolf Security Out of Sight and Out of Mind report is
based on findings from:
- A Toluna survey of 1,100 IT decision
makers in the UK, the US, Canada, Mexico, Germany, Australia, and
Japan. Fieldwork was undertaken between 19th March - 6th April
2021. The survey was carried out online.
- A YouGov survey of 8,443 adults in
the US, the UK, Mexico, Germany, Australia, Canada, and Japan who
used to be office workers, and worked from home the same amount or
more than before the pandemic. Fieldwork was undertaken between
17th - 25th March 2021. The survey was carried out online.
About HP
HP Inc. creates technology that makes life better for everyone,
everywhere. Through our product and service portfolio of personal
systems, printers, and 3D printing solutions, we engineer
experiences that amaze. More information about HP Inc. is available
at http://www.hp.com.
About HP Wolf Security
From the maker of the world’s most secure PCs3 and Printers4, HP
Wolf Security is a new breed of endpoint security. HP’s portfolio
of hardware-enforced security and endpoint-focused security
services are designed to help organizations safeguard PCs,
printers, and people from circling cyber predators. HP Wolf
Security provides comprehensive endpoint protection and resiliency
that starts at the hardware level and extends across software and
services.
Media Contact
Vanessa Godsal
Vgodsal@hp.com
©Copyright 2021 HP Development Company, L.P. The information
contained herein is subject to change without notice. The only
warranties for HP products and services are set forth in the
express warranty statements accompanying such products and
services. Nothing herein should be construed as constituting an
additional warranty. HP shall not be liable for technical or
editorial errors or omissions contained herein.
1 HP Security is now HP Wolf Security. Security features vary by
platform, please see product data sheet for details.2 HP Sure Click
Enterprise is sold separately and requires Windows 8 or 10 and
Microsoft Internet Explorer, Google Chrome, Chromium or Mozilla
Firefox and new Edge are supported. Supported attachments include
Microsoft Office (Word, Excel, PowerPoint) and PDF files, when
Microsoft Office or Adobe Acrobat are installed.3 Based on HP’s
unique and comprehensive security capabilities at no additional
cost among vendors on HP Elite PCs with Windows and 8th Gen and
higher Intel® processors or AMD Ryzen™ 4000 processors and higher;
HP ProDesk 600 G6 with Intel® 10th Gen and higher processors; and
HP ProBook 600 with AMD Ryzen™ 4000 or Intel® 11th Gen processors
and higher.4 HP’s most advanced embedded security features are
available on HP Enterprise and HP Managed devices with HP
FutureSmart firmware 4.5 or above. Claim based on HP review of 2021
published features of competitive in-class printers. Only HP offers
a combination of security features to automatically detect, stop,
and recover from attacks with a self-healing reboot, in alignment
with NIST SP 800-193 guidelines for device cyber resiliency. For a
list of compatible products, visit: hp.com/go/PrintersThatProtect.
For more information, visit: hp.com/go/PrinterSecurityClaims.
HP (NYSE:HPQ)
過去 株価チャート
から 2 2024 まで 3 2024
HP (NYSE:HPQ)
過去 株価チャート
から 3 2023 まで 3 2024