There are many factors that increase the risk for companies. The downstream security risks are the storage of sensitive data and the increasing mobility of the workforce. Unfortunately, these factors are very difficult to get a handle on and are related to the modern type of work that is taking place today.
The increasing number of vulnerabilities in IT end devices used in companies is certainly one of the biggest drivers for the growing cyber risk, as it increases the attack surface for companies. This is a fairly obvious link to cyberattack potential.
Increased attack surface
Although every endpoint is a potential target for cybercriminals, those that contain sensitive data such as personal identification information or health data pose an even greater threat. If a device containing such information is compromised, the potential damage to the organization is multiplied many times over. How big is this problem? One might think that this information is limited to a limited number of devices. Unfortunately, this assumption is incorrect. Due to the fact that today's workforce is widely dispersed, mobile workers are constantly accessing different databases containing sensitive information from different locations and networks. This increases the likelihood that employees will save data locally, on the end device itself. This locally stored sensitive data increases the potential attack surface.
Sensitive data
Absolute Software's analysis found that, on average, more than three-quarters (76 percent) of corporate devices contained sensitive data. The financial services industry, perhaps unsurprisingly, had the highest percentage of devices storing sensitive data (84 percent). A notable finding was that the percentage of devices with sensitive data increases with the number of users. The number of users is graded from level 1 (7.000+ users) down to level 5 (10-99 users). While 78 percent of Tier 5 enterprise devices contained sensitive data, only 1 percent of Tier 52 enterprise endpoints did. This could indicate that companies with a smaller number of employees find it more difficult to limit the spread of sensitive data. The data also showed that a lower percentage of devices in North America contained sensitive data than in EMEA or APJ, although in many cases these regions have stricter compliance requirements.
Highly mobile users increase the risk
The risk of sensitive data on devices is exacerbated by the rise of highly mobile device users. When a device is used in multiple locations and connects from multiple networks (outside the sealed home/office network), the risk of an attacker gaining unauthorized access increases significantly. Absolute analysis found that in the Professional services, government, and retail were the most mobile industries, connecting on average from more than four different locations in August 2022. However, with the exception of education, all industries surveyed had devices connecting from more than three locations per day This may not come as a surprise given that today's workforce is mobile by nature, but when combined with the numbers from the Sensitive Data Analysis above, it becomes clear that corporate endpoints are at increased risk of compromise Analysis by Absolute also found that devices in EMEA and APJ frommore locations are connected from North America than LATAM.
More at Absolute.com
About Absolute Software Absolute Software accelerates its customers' transition to remote working with the industry's first self-healing Zero Trust platform that ensures maximum security and uncompromised productivity. Absolute is the only solution embedded in more than half a billion devices providing an always-on digital connection.