Nearly all cybersecurity pros are working remotely full time.
Nearly all cybersecurity pros are working remotely due to the COVID-19 pandemic. And many no longer focus on their normal tasks.
That’s according to ISC2‘s latest survey of 256 cybersecurity professionals. They shared insights into how their work has changed during the first several weeks of the pandemic. Remote working challenges are common.
Eighty-one percent said their job functions have changed during the pandemic, with 90% of cybersecurity pros working remotely.
Nearly half, most of whom are cybersecurity pros working remotely, are not doing some of their typical security duties. Instead, they’re assisting with other IT-related tasks like equipping remote workforces.
Fifteen percent said their teams don’t have the resources to support remote workers.
“COVID-19 hit us with all the necessary ingredients to fuel cybercrime: 100% work from home (WFH) before most organizations were really ready; chaos caused by technical issues plaguing workers not used to WFH; panic and desire to ‘know more’ and a temptation to visit unverified websites in search of up-to-the-minute information; remote workforce technology supported by vendors driven by ‘new feature time to market’ and not security; employees taking over responsibilities for COVID-19 affected coworkers (unfamiliarity with process); and uncertainty regarding unexpected communication supposedly coming from their employers.”
To find out more about cybersecurity pros’ remote working challenges, we spoke with Wesley Simpson, ISC2’s COO.
Channel Futures: What were some of the most surprising survey findings about remote working challenges?
Wesley Simpson: Learning that nearly half of cybersecurity staff have been reassigned to IT tasks was what surprised us most, especially as 81% indicated their organizations have categorized security as an essential function during this pandemic.
CF: With nearly half of cybersecurity pros being reassigned to IT, is that leaving more organizations vulnerable to cyberattacks? If so, why?
WS: Twenty-three percent of respondents indicated their organizations are seeing an increase in security incidents, at a time when nearly half of these respondents are being pulled into other areas of IT. This kind of situation is obviously not ideal or sustainable for keeping organizations protected. This is magnified by the fact that 34% of respondents said they have the resources they need to support a remote workforce, but only for the time being.
CF: Do remote working challenges for cybersecurity pros put them at a disadvantage when compared to onsite? If so, why?
WS: While 10% of the respondents to our survey said they are still going into the office, the rest say they are working remotely and did not indicate being at a disadvantage, although we did not ask them specifically about this. Fortunately, cloud technologies and VPNs make it easier for cybersecurity tasks to be handled from remote locations, but I don’t think anyone would go as far as to say that this situation is ideal.
CF: Can MSSPs and other cybersecurity providers help ensure optimum security during this difficult transition?
WS: Our survey doesn’t cover how organizations are using third-party support during this time, but I would imagine that as cybersecurity staff are being repurposed with IT tasks, organizations may be looking to MSSPs to help fill the gaps.
CF: Does the ongoing cybersecurity talent shortage play a role in these remote working challenges?
WS: Absolutely. Our 2019 Cybersecurity Workforce Study showed that there is a shortage of more than 4 million trained cybersecurity personnel globally, and I think that unfortunately, for those companies that were not already fully staffed in their security departments before COVID-19, this pandemic has likely put even more stress on their programs.
CF: Are there any indications that cybersecurity eventually will catch up to this new normal? If so, how?
WS: We’re still in the early stages of this situation, and no one knows exactly how long it will last or what the new normal will look like. But if I had to bet …