6 key insights from the Microsoft survey about cybersecurity in the pandemic era
Updated at: Sep 01, 2020
The world will be different when the COVID-19 pandemic ends, and that includes the way companies deal with cybersecurity. Microsoft released data from a survey that concludes that the pandemic has forced companies to rethink certain security priorities, such as budget and staff.
According to the study, 58% of respondents say they have increased their security budgets, 82% have invested in specialized cybersecurity teams, and 81% feel pressure to reduce security costs.
The data also shows that, due to the pandemic, the number of companies that are affected by phishing scams has increased.
Microsoft interviewed nearly 800 business leaders from companies with more than 500 employees in India, Germany, the United Kingdom, and the United States.
6 key points from the Microsoft cybersecurity study
1. Phishing and malware cases involving COVID-19 have increased
With the COVID-19 pandemic, companies had to drastically change their work routines, which led to an increase in the number of attacks and fraud. Remote work has even become the reality for many organizations.
“Providing secure remote access to resources, apps, and data” is the #1 challenge reported by security leaders. For many businesses, the limits of the trust model they had been using, which leaned heavily on company-managed devices, physical access to buildings, and limited remote access to select line-of-business apps, got exposed early on in the pandemic”, says the study.
54% of security leaders reported an increase in phishing attacks since the pandemic began.
In March, the Microsoft security team had previously reported an increase in phishing and malware cases involving COVID-19. The same finding was made by several companies and authorities, such as the FBI and Europol.
“Business leaders reported phishing threats as the biggest risk to security in that same timeframe, with 90% indicating that phishing attacks have impacted their organization. More than half said clicking on phishing emails was the highest risk behavior they observed and a full 28% admitted that attackers had successfully phished their users”.
2. Security and compliance budget has increased
According to the survey, the majority of leaders reported an increased budget for security (58%) and compliance (65%). On the other hand, 81% feel pressure to lower security costs.
To control costs in the short term, respondents say they have invested in solutions that can be easily integrated with other products and are simple to manage, with self-help options.
In the long run, 40% of respondents say they are prioritizing investments in cloud security, 28% in data and information security, and 26% in solutions to fight phishing.
3. Companies are investing more in specialized security teams
The data show that companies are also more concerned with building a team of security experts, as technologies and solutions need to be deployed and managed.
The study points out that more than 80% of companies have made changes in cybersecurity staffing due to the COVID-19 pandemic.
42% of respondents said they invested in hiring security professionals and 40% invested in outsourcing some of the company's security priorities and needs.
4. Security technology helps to improve productivity and collaboration
According to the study, one of the reflexes of the pandemic was to remind companies that one of the security technology functions is to improve productivity and collaboration through inclusive experiences.
“Improving end-user experience and productivity while working remotely is the top priority of security business leaders (41%), with “extend security to more apps for remote work” identified as the most positively received action by users. Not surprisingly, then, “providing secure remote access to resources, apps, and data” is the biggest challenge”.
5. Zero Trust architecture is a priority for companies
The Zero Trust architecture or model is based on an identity verification process. That is, only authenticated users and devices are allowed to access certain types of data, applications and systems.
Microsoft research points out that the Zero Trust model has become a priority within companies, with 51% of leaders accelerating the adoption of Zero Trust solutions and resources.
“The Zero Trust architecture will eventually become the industry standard, which means everyone is on a Zero Trust journey”.
6. Cyber resilience is fundamental to business
Cyber resilience is your company's ability to continue operating after cyber attacks and data breaches. According to the survey, the adoption of cyber resilience within companies is still low, which is fundamental to business continuity.
“More than half of cloud forward and hybrid companies report having cyber-resilience strategy for most risk scenarios compared to 40% of primarily on-premises organization. 19% of companies relying primarily upon on-premises technology do not expect to maintain a documented cyber-resilience plan”.
Digital transformation of cybersecurity survey
If you would like to check out the study, click here.
Email protection solutions
If you need help to accelerate your business’ digital transformation of cybersecurity, Gatefy can assist you. We're a team of security experts with solutions focused on email protection.
Our products are compatible and easily integrated with different types of platforms and email providers, such as Office 365, G Suite, Exchange, and Zimbra.