安全進(jìn)行遠(yuǎn)程工作的未來

TABLEOFCONTENT

ExecutiveSummary3

GlobalFindings4

?TheImportanceofCybersecurityinaHybridFutureofWork

?AResilientRebound:TacklingCybersecurityThreatsandChallenges

?PrioritizingCybersecurityforWhafsNowandWhafsNext

KeyTakeawaysandRecommendations19

AmericasHighlights23

?RegionalSummary

?KeyFindings

CountryDeepDive:Americas30

?Brazil

?Canada

?Mexico

?UnitedStates

AsiaPacificHighlights40

?RegionalSummary

?KeyFindings

CountryDeepDive:AsiaPacific45

?Australia

?China

?HongKong

?India

?Indonesia

?Japan

?Korea

?Malaysia

?Philippines

?Singapore

?Taiwan

?Thailand

?Vietnam

EuropeHighlights78

?RegionalSummary

?KeyFindings

CountryDeepDive:Europe88

?France

?Germany

?Italy

?UnitedKingdom

AbouttheReport98

EXECUTIVESUMMARY

TheCOVID-19pandemichascausedbusinessesacrosstheglobetotransitiontoaremotework

environmentatunprecedentedspeedandscale.Whatwasonce“nicetohave"foremployees

andcompaniesbecamea“musthave1*almostovernight,withorganizationsallovertheworld

shiftingtheirentireworkforcetoremoteworkingarrangements.Asthetransitionhappened,

organizationshadtoadaptandevolvetheircybersecurityapproach,solutions,andpoliciesto

enabletheiremployeestoworkremotely,accesscompanyresourcessecurely,andensure

businesscontinuity.

Inwhathasbeenayearfraughtwithuncertainty,asignificanttrendhasemerged-thatofa

flexibleandhybridfutureofwork.Havingworkedremotelyforanextendedperiodoftime,

employeesarenowexpectingthattheywillcontinuetohavetheflexibilityandabilitytowork

fromanywhere,atanytimeandonanydevice,inapost-COVIDera,evenastheyreturntothe

office.

Thishasacceleratedtheneedforbusinessestoreassesstheircybersecurityposture,especially

atthistimewhenbusinessleadersarelookingtobuildresiliententerprises.Securitycanbethe

bridgetobusinessresiliencyasitcanenablebusinessestooperatewithflexibilitybysecurely

adaptingtoprotectwhafsnowandwhafsnext.Toachievethis,itiskeytoensurethatnetworking

andcollaborativesolutionsareflexible,simpletouse,effective,andsecure,whetherdelivered

viaon-premisesdatacentersorinthecloud,andacrossalluserdevices-workorpersonal.

Wewantedtounderstandhowpreparedorganizationswere,globally,insecuringtheirbusinesses

astheywereforcedtotaketheirentireworkforceremoteduetothepandemic.Moreimportantly,

wewantedtogetinsightsintowhereorganizationsaretodayintermsoftherisingcybersecurity

threatsandalerts,thechallengestheyfacedinthissuddentransition,andhowtheyareadapting

theircybersecurityapproachestobetterprepareforthehybridandflexibleworkenvironment

thatisheretostay.Todothis,wecommissionedaglobalresearchsurveyacross21marketsin

theAmericas(AMER),AsiaPacific,JapanandChina(APJC),andEurope,surveyingover3000

ITdecisionmakersfromsmallbusinessestolargeenterprises.

?事*A?一

Thestudy,titledFutureofSecureRemoteWork,aimstobetterunderstandthechallenges

thatorganizationsfacedintransitioningtoremotework,whileuncoveringthestateoftheir

cybersecurityreadiness,aswellastheshiftsintheirpriorities,policies,andinvestmentsasthey

prepareforahybridworkenvironmentthatislikelyheretostay.

Theresultsaretelling.

GLOBAL

FINDINGS

,cisco'SECURE

GLOBALFINDINGS

TheImportanceofCybersecurityinaHybridFutureofWork

Organizationsarenotgoingbacktothewaythingswerepre-COVID-19

Asorganizationsstartpreparingforapost-pandemicworld,onethingisclear:employeesnow

expecttohavetheflexibilityandabilitytoworkremotelyregardlessofwhatthefutureofwork

entails,giventhefactthatwearenotgoingbacktothewaythingswerepre-COVID-19.As

observedconsistentlyacrossallthreeregions,remoteworkingspikedtounprecedentedlevels

atthestartofthepandemicinMarch,wheretwo-thirds(62%)ofrespondentshadmorethan

halfoftheirworkforceworkfromhome.Thirty-sevenpercentofrespondentsclaimedthatmore

thanhalfoftheirworkforcewanttocontinueworkingfromhomepost-pandemic,comparedto

only19%beforethediseasetooktheworldbystorm.

%ofOrganizationswithMorethanHalf

ofTheirWorkforceWorkingRemotely

%ofrespondentswithmorethanhalfoftheirworkforceworkingremotely

I■nigleglHMainsrogH

BeforeCOVID-1919%19%24%16%

Today(DuringCOVID-19)62%56%75%67%

AfterCOVID-1937%34%46%34%

OrganizationsinAMERareleadingthewaywith75%ofitsrespondentshavingmorethanhalfof

theirworkforceworkingremotelyatthemoment,followedbyEuropeat67%andAPJCat56%.

However,theyarenotgoingbacktopre-pandemiclevelsanytimesoon,with46%ofrespondents

inAMERexpectingmorethanhalfoftheiremployeestocontinueworkingremotelyevenafter

businesseshavereturnedtonormal.Likewise,34%ofrespondentsinbothAPJCandEurope

notedthesame.

Attitudestowardremoteworkarealsoconsistentacrosssmall,mediumandlargeorganizations,

where35%ofsmallbusinesses,38%ofmediumbusinessesand37%oflargeenterprises

believedthatmorethanhalfoftheiremployeeswillberemoteworkerspost-COVID-19.

Whilemanybusinessesarelikelystilluncertainaboutwhatthefutureofworkwilllooklike,

havingtheflexibilitytosecurelyadapttowhafsnowandwhafsnextwillincreasetheirbusiness

resilienceandenablethemtosupportamoredistributedworkforce.

Somecountriesplantoembraceremoteworkgoingforwardmorethanothers

Interestingly,whilemostorganizationsplantobringmostemployeesbacktotheofficeafter

thepandemic,somecountriesarebuckingthetrend,reportingthatahigherproportionof

respondentsclaimedthatmorethanhalfoftheirorganization'sworkforcewillcontinuetobe

remoteworkersinthefuture.Theseinclude48%inthePhilippinesand50%intheUnited

KingdomandtheUnitedStates,aswellas53%inBrazilandIndia,allofwhicharehigherthan

theglobalaverageof37%.

48%

Philippines

53%

Brazil

India

50%

UnitedKingdom

UnitedStates

Toenablethisflexibleandhybridfutureofworktrend,companiesneedaseamlessandsecure

underlyinginfrastructure.

Cybersecuritynowtopscorporatepriorities

Thegoodnewsiscybersecurityhasbecomeatoppriorityfororganizations.Eighty-fivepercent

ofrespondentsgloballysaidthatcybersecurityisextremelyimportantormoreimportantthan

itwasbeforethepandemic.

Global%oftheImportanceofCybersecurity

Breakingitdownfurther,alargeproportionofrespondentsinAPJC(44%)andAMER(50%)

statedthatcybersecurityisextremelyimportanttotheirbusiness.Europe,ontheotherhand

hadmorerespondentsindicatingthatitismoreimportantthanitwasbeforeat46%.

ImportanceofCybersecuritybyRegion

.Extremelyimportant。森HWsMh那編郵01

■就依鬻翻脾贏由防嘀腕?Notimportant

Thistrendisalsoconsistentacrosssmall,medium,andlargebusinessesat79%,87%,and

88%,respectively.

SmallMediumLarge

Extremelyimportant36%42%53%

Moreimportantthanbefore44%45%35%

Somewhatimportant19%13%11%

Notimportant1%1%0%

ImportanceofCybersecuritybyOrganizationalSize

AResilientRebound:TacklingCybersecurityThreatsandChallenges

Increasingcyberthreatsandalertsatvaryinglevels

Globally,companiesexperiencedajumpincybersecuritythreatsoralertsduringthepandemic

asmaliciousactorstriedtotakeadvantageofpotentialsecuritygaps,withusersaccessingthe

corporatenetworkandcloudapplicationsremotely.Sixty-onepercentofrespondentsglobally

statedthattheirorganizationsexperiencedajumpof25%ormoreincyberthreatsoralerts

sincethestartofCOVID-19.Thiswasalsoexperiencedby55%ofsmallbusinesses,70%of

mediumorganizations,and60%oflargeenterprises.

At69%,morerespondentsinAPJCexperiencedajumpof25%ormorecyberthreatsoralerts

sinceCOVID-19.Thiswasfollowedby64%inAMERand37%inEurope.

APJCAMEREurope

Worryingly,8%ofbusinessesgloballydidnotknowwhethertheyhaveexperiencedanincrease

ordecreaseincyberthreats.Thisfigureincreasesto17%forrespondentsinEurope,compared

to6%inAPJCand5%inAMER.Whendivingdeeper,thestudyalsofoundsomekeydifferences

betweenthelevelsofthreatsoralertsexperiencedacrossregionsandindustries.

F------------------------1

Percentageofincreasein

GlobalAPJCAMEREurope

cyberthreats/alerts

0%-24%31%25%31%47%

25%-50%33%35%36%23%

51%-75%23%27%24%11%

76%-100%5%6%3%2%

Don'tknow8%6%5%17%

25%ormorethreats

%ofIncreaseinCyberThreatsorAlerts

Forexample,78%oforganizationsintheArchitectureandEngineeringindustryexperienced

anincreaseof25%ormorecyberthreatsoralerts,thehighestacrossallindustries.Thiswas

followedbytheChemicalEngineeringandManufacturingsectorat72%andtheEducation

sectorat70%.

78%72%塞70%

ArchitectureChemicalEngineeringEducation

andEngineeringandManufacturing

Interestingly,industriesthatwereoftenpeggedasbeingofhighinteresttoattackers,such

asFinancialServices(58%),SoftwareDevelopment(62%),andHealthcare(54%),defied

expectationswitharelativelylowerproportionoforganizationsexperiencingmorealerts.

INCREASEOF25%ORMORECYBERTHREATSORALERTS

命58%62%54%

IIIIIIFinancialSoftwareHealthcare

戶小空ServicesDevelopment

Topcybersecuritychallengesreportedbyorganizationssupportingremotework

Secureaccess,definedastheabilitytosecurelyenableaccesstotheenterprisenetworkand

applicationsforanyuser,fromanydevice,atanytime,isthetopcybersecuritychallenge

facedbythelargestproportionoforganizations(62%)whensupportingremoteworkers.Other

concernsraisedbyorganizationsgloballyincludedataprivacy(55%),whichhasimplicationsfor

theoverallsecurityposture,andmaintainingcontrolandenforcingpolicies(50%).

Protectinganincreasingnumberofendpoints

Securingdevicesisagrowingchallengefororganizationsnowunabletorelyonconnecting

endpointstocampusnetworksforvisibilityandpushingupdates.Atthesametime,employees

areconnectingtocorporateresourceswithmorepersonal,unmanageddevices,creatingablind

spotforsecurityteams.Oneintworespondentsstatedthatofficelaptops/desktops(56%)and

personaldevices(54%)areachallengetoprotectinaremoteenvironment.Thiswasfollowed

bycustomerinformationandcloudapplicationsbothat46%.

RegionalComparisonofThingsthatPosedaChallenge

toProtectinaRemoteEnvironment

?APJCAMFREurope

Organizationsforcedtoacceleratedigitaltransformation

Whilemanyorganizationshadbeguntheirtransitionstobecomecloud-firstandremote-first

evenbeforethepandemic,thisisaprocessthatrequiressignificanttimeandinvestment.The

practicallyovernightmovetoadistributedworkforcehighlightedjusthowfarmanyorganizations

stillneededtogointheirjourneys.Globally,respondentsreportedtoeitherbesomewhat

prepared(53%)ornotprepared(6%)tomaketheacceleratedtransitiontoaremotework

environmentattheoutsetofCOVID-19.

GlobalAPJCAMEREurope]

45%[

Veryprepared40%39%39%

50%]

Somewhatprepared53%54%55%

6%[

Notprepared6%7%6%

LevelofPreparednessinTransitioningtoaRemoteWorkforce

LevelofPreparednessinTransitioningtoa

RemoteWorkforcebyRegion

LevelofPreparednessinTransitioningtoa

RemoteWorkforcebyOrganizationSize

■Verypreparec

■配腔涉晦聲微闔m

.Notpreparec

Whenitcomestospecificindustries,organizationsintheArchitectureandEngineering(72%)

industryhadthehighestproportionofrespondentsthatweresomewhatprepared,higher

thantheglobalaverageof53%,whilerespondentsinthefollowingindustriessawthehighest

proportionofrespondentsthatwerenotpreparedtosupportthesuddentransitioncomparedto

theglobalaverageof6%:WholesaleandDistribution(15%);Education(14%);andChemical

EngineeringandManufacturing,Non-Computer-RelatedManufacturing,andNot-for-Profit

orCharitable(10%,respectively).

育

而

ArchitectureWholesaleandEducationChemicalEngineeringNon-ComputerRelatedNot-for-Profit

andEngineeringDistributionandManufacturingManufacturingorCharitable

72%15%14%10%

Thereadiness(orotherwise)ofITandsecurityteamstosupportremoteworkpotentiallyreflects

thenatureofthebusinessesandtheabilityforworkersinthatindustrytoalreadybespending

someoralloftheirtimeoperatingoutoftheoffice.Firmswithabiastowardsknowledgework

aremorelikelytohavealargernumberofremoteemployeesthanlocation-specificindustries

suchasmanufacturing.Companieswithalargernumberoftelecommutingemployeeswill

naturallybemorepreparedtosupportanevenbiggernumberoftheirworkforcetogoremote.

With67%reportingtohavebeenveryprepared,Vietnameseorganizationshadthehighest

proportionofrespondentsintheworldthatwerereadytoimmediatelytransitiontoremote

working.TheywerefollowedbytheUnitedKingdom(59%),India(54%),andIndonesia(49%).

Ontheflipside,theUnitedStates,whichhadthehighestproportionofremoteworkersbefore

thepandemic(32%hadmorethanhalfoftheirworkforceremote),hadalargerproportionof

organizationsthatwereonlysomewhatprepared(48%)comparedtoveryprepared(46%).

PrioritizingCybersecurityforWhafsNowandWhafsNext

Technologyadoptionandprioritization

Thegoodnewsis,ofallthetechnologysolutionsadoptedtoenableremotework,organizations

globallyrankedcybersecuritymeasuresasthe#1priority(52%rankeditfirst).Thiswasfollowed

bycollaborationtools(41%rankeditfirst)andprofessionalservices(27%rankeditfirst).

MostWidelyAdoptedvsNumber1Priority

CollaborationTools1CybersecurityMeasures

73%52%

CybersecurityMeasures2CollaborationTools

68%41%

Cloud-BasedDocumentSharing3ProfessionalServices

63%27%

DistributedDataProtection4Cloud-BasedDocumentSharing

49%22%

ProfessionalServices5DistributedDataProtection

33%19%

Asbusinessesnavigatethefutureofwork,whichwilllikelyentailtheadoptionofvarioussolutions

fromcollaborationtofilesharingandnetworking,itiscriticaltoensurethatsecurityisintegrated

acrossallITtools.Thiswilltrulyempowerasecureanddistributedworkforce.

Facilitatingremoteworkingwiththerightprotocolsandpolicies

Ninety-sixpercentoforganizationsgloballyreportedchangesintheircybersecuritypoliciesto

supportremoteworking.Theseincluded93%ofsmallbusinesses,98%ofmediumorganizations,

and97%oflargeorganizations,indicatingthatorganizationsofallsizesfounditabsolutely

necessarytoupdatetheirpoliciesimmediatelytosupportthischange.

ItseemsobviousbutworthyofcommentthatwhenyourHRteamorfinanceteam,forexample,

issuddenlyforcedtoworkremotely,theprotectionsandaccessgrantedtothemaspartof

dailyresponsibilitiesinsidethecorporatenetworkneedtobereplicatedforaremotesettingto

supportbusinesscontinuity.Consistencyofpolicyalsobecomesmuchmoreofanissuethan

everbefore.

Fromthis,thetoppolicy-relatedchangesmadewereincreasedVPNcapacity(59%),increased

webcontrolsandacceptableusepolicy(55%),andtheimplementationofmulti-factor

authentication(MFA)(53%).

TypesofChangesinCybersecurityPolicy

fGlobalAPJCAMEREurope1

IncreasedVPNcapacityIncreasingwebIncreasedVPNcapacityIncreasedVPNcapacity

(59%)controlsand(64%)(64%)

acceptableusepolicy

(61%)

IncreasingwebImplementingmulti-IncreasingwebImplementingmulti-

controlsandfactorauthenticationcontrolsandfactorauthentication

acceptableusepolicy(59%)acceptableusepolicy(38%)

(55%)(57%)

Implementingmulti-IncreasedVPNcapacityImplementingmulti-Increasingwebcontrols

factorauthentication(56%)factorauthenticationandacceptable

(53%)(51%)usepolicy

(34%)

Top3ChangesinCybersecurityPoliciesbyRegion

REGIONALVARIATIONS:

?Increasingwebcontrolsandacceptableuse:?Implementingmulti-factor?IncreasedVPNcapacity:

-HighestinAPJC(61%)authentication:-HighestinAMERandEurope

-SecondinAMER(57%),similartoglobal-SecondinAPJC(59%)and(both64%),similartoglobal(59%)

(55%)Europe(38%)-ThirdinAPJC(56%)

-ThirdinEurope(34%)-ThirdinAMER(51%)

Long-termchangesincorporatecybersecuritypoliciesareafoot

Oneofthebiggestobservationsfromthestudyisthefactthatremoteworkingisdrivinglong-

termchangesincybersecuritypolicies.Thispresentsorganizationswiththeuniqueopportunity

totransformtheirbusinessandsecuritystrategiestotrulysupportthedigital-firstworldthat

wearenowlivingin,therebyenablingthelevelofflexibilitythatemployeesnowexpectwitha

distributedworkforce.

Tothisend,amongstorganizationsthatmadechangestotheircybersecuritypolicies,thevast

majority(95%)indicatedthatsomeportionofthesearepermanent.

30%and▲

AdeeperlookacrosstheregionsrevealsthatmoreorganizationsinAMER(54%)andEurope

(48%)saidthatmorethan30%oftheircybersecuritypolicychangeswillbepermanent,while

41%ofAPJCrespondentsindicatedthesame.

MagnitudeofPermanent[Global

APJCAMEREurope

PolicyChanges

30%orless50%54%44%45%

Morethan30%45%41%54%48%

TOTAL95%96%97%93%

MagnitudeofPermanentCybersecurityPolicyChangesAccordingtoRegion

ORGANIZATIONALSIZE(S,M,ANDL)VARIATIONS:

,Asexpected,morelargebusinesses?Small(55%)andmedium(54%)

(52%)aremakingmorethan30%oftheirbusinessesontheotherhandare

policychangespermanentcomparedtomaking30%orlessoftheirnew

smallandmediumorganizations.cybersecuritypoliciespermanent.

Securityeducationandculture:Amust

Thatsaid,furthereducationandbettersecuritythataresimple,easytouse,andworktogether

areneeded.Fifty-ninepercentoforganizationsgloballysaidthatthelackofemployeeawareness

andeducationwasthetopchallengefacedinreinforcingcybersecurityprotocolsforremote

working.Thiswasfollowedbytoomanytools/solutionstomanageandtoggle(50%),Similar

trendswereobservedacrossAPJC,AMER,andEurope.

rGlobalAPJCAMEREurope

LackofemployeeLackofemployeeLackofemployeeLackofemployee

awareness/employeeawareness/employeeawareness/employeeawareness/employee

educationeducationeducationeducation

(59%)(61%)(58%)(54%)

Toomanytools/Toomanytools/Toomanytools/Toomanytools/

solutionstomanagesolutionstomanagesolutionstomanagesolutionstomanage

andtoggleandtoggleandtoggleandtoggle

(50%)(53%)(49%)(43%)

InconsistentinterfacesInconsistentinterfacesInconsistentinterfacesInconsistentinterfaces

(35%)(40%)(33%)(22%)

Top3ChallengesinReinforcingCybersecurityProtocolsAcrossRegions

Thefindingsshowthatthereisanopportunityforthesecurityindustrytofundamentallychange

tomeetthismomentandincreaseitsflexibilitytosupportadistributedworkforcewheresecurity

isanenablerinsteadofahindrancetocollaboration.Weexploremoreofthisbelow.

Investmentsincybersecurityontherise

Withthesechangesandimprovementsintheworks,themajorityoforganizationsglobally(66%)

indicatedthattheywilllikelyincreasetheircybersecurityinvestmentsduetotheCOVID-19

situation.

WhpthprCOVID-19WillIncreaseCybersecurityInvestment

MorerespondentsinAPJC(70%)andAMER(68%)indicatedthattheywillincreasetheirfuture

cybersecurityinvestmentscomparedtotheglobalaverageof66%.

ChangeinFutureCybersecurityInvestments

asaResultofthePandemic

80%

Inmorepositivedevelopments,organizationsofallsizesarelookingtoincreasetheir

cybersecurityinvestmentsfollowingthepandemicaswell.Interestingly,medium-sized

businessesaremarginallyaheadoflargeorganizations,with70%lookingtoincreasespending.

Smallorganizationsarenotlaggingbehindeither,with59%planningondoingthesame.

?Large

Medium

Small

Whileorganizationsacrossindustries,regions,andmarketsareinagreementabouttheneedto

boostcybersecurityspending,theproportionalityofsaidinvestmentsvaries.Forthemostpart,

59%ofthosethatareplanningtoboosttheircybersecurityinvestmentsindicatedaplanned

increaseofbetween1%to30%.ThistrendismirroredacrossAPJC(58%),AMER(56%),and

Europe(65%).

ProportionofIncreased

GlobalAPJCAMEREurope

Investments

30%orless59%58%56%65%

Morethan30%36%39%39%23%

Organizationsgloballyarerethinkingtheiroverallsecuritystrategy

Whenaskedtoranktheircy