As hybrid work empowers employees to work from anywhere and ensure business continuity for enterprises, the use of unregistered devices by employees to access work platforms is adding new security challenges for organizations in the Philippines, according to a new Cisco study.
More than 8 in 10 (87%) respondents in the Philippines say their employees are using unregistered devices to log into work platforms. About 75% say their employees spend more than 10% of the day working from these unregistered devices.
This risk associated with such a practice is recognized by security leaders with 89% of respondents in the Philippines saying logging in remotely for hybrid work has increased the likelihood of occurrence of cybersecurity incidents.
This scenario is further complicated as employees are logging into work from multiple networks across their homes, local coffee shops, and even supermarkets. About 91% of respondents in the Philippines say their employees use at least two networks for logging into work, and 47% say their employees use more than five networks.
The report titled “My Location, My Device: Hybrid work’s new cybersecurity challenge”, surveyed 6,700 security professionals from 27 countries, including 150 security professionals from the Philippines. It highlights concerns of security professionals around the use of unregistered devices and potentially unsecured networks to access work platforms and the risks associated with such behaviors.
“As hybrid work becomes the norm, companies are empowering their employees to work from anywhere. While this has brought many benefits, it is also opening new challenges, especially on the cybersecurity front, as hackers can now target employees beyond traditional corporate network perimeters. To make hybrid work truly successful in the long run, organizations need to protect their business with security resilience. This includes establishing visibility on their networks, users, endpoints, and applications to acquire insights into access behaviors, leveraging these insights to detect threats, and harnessing threat intelligence to respond against them on-premises or in the cloud,” Director, Cybersecurity, Cisco ASEAN Juan Huat Koo said.
The use of unregistered devices is adding a new layer of challenge for security professionals as they tackle complexities in the current threat landscape. More than 7 out of 10 respondents (77%) in the Philippines said they had experienced a cybersecurity incident in the past 12 months. The top three types of attacks suffered were malware, phishing, and data leaks.
Among those who suffered an incident, 69% said it cost them at least US$100,000, and 38% said it cost them at least US$500,000.
The report also found 85% of the security leaders in the Philippines stating that cybersecurity incidents are likely to disrupt their businesses in the next 12-24 months. The bright side is that they are gearing up to protect themselves from internal and external threats.
With the challenges well recognized, 87% of security leaders in the Philippines expect their organization to increase its cybersecurity budget by more than 10% over the next year, and 95% expect upgrades to IT infrastructure in the next 12-24 months.
“In a digital-first hybrid world, cybersecurity threats not only impact IT, but also financial, operational, organizational, and supply chain practices. With hybrid work here to stay, it is crucial that Filipino organizations relook their overall IT and security strategy to ensure that resilience is interwoven into the fabric of their business from the network to the endpoint and the cloud edge. People are a cornerstone of fostering this resilience. Organizations need to educate their people on the challenges that unregistered devices and unsecured connections pose to compromised credentials and cyber threats,” said Zaza Nicart, Managing Director, Cisco Philippines.