Cybersecurity- and compliance-related risks are all too real, and reflect the realities of a complex and dynamic computing environment

Aberdeen’s 2024 Future of the Workplace study found that today’s IT professionals are challenged to provide a larger number of remote / hybrid users with a faster, personalised level of support, in a more complex and dynamic computing environment with increased cybersecurity- and compliance-related risks.

Figure 1: Cybersecurity Incidents Affecting Confidentiality, Availability, and Compliance are Common

Source: Aberdeen, May 2024

In Aberdeen’s recent research, respondents reported that cybersecurity incidents affecting confidentiality, availability, and compliance were all too common (see Figure 1). Over the previous 12 months:

About 4 in 9 (43.9%) experienced an incident affecting data confidentiality / privacy — including incidents involving structured data (records), unstructured data (files), and ransomware. In the EMEA region, notable examples include recent incidents at France Travail and the BBC Pension Scheme.
About 3 in 5 (61.4%) experienced an incident affecting availability, including incidents resulting in unplanned downtime or slowdown for endpoints, networks, and back-end systems. The EMEA region was not immune to the global computer outages that resulted from the flawed update of CrowdStrike/Windows software in July 2024; KLM Royal Dutch Airlines is one example.
Nearly 2 in 5 (38.6%) experienced an incident affecting regulatory compliance — which Aberdeen defined as a finding or observation identified as an audit deficiency, or any other instance of non-compliance that was substantial enough to require prompt remediation or a committed plan for remediation. In other words, it was not an issue the organisation could simply defer or ignore. If unaddressed, these could lead to public and costly enforcement actions by regulators, including the recent example of Deutsche Bank AG.

As we know, there are two dimensions of risk: how frequent these incidents are and how much business impact they can have when they do occur. The research shows that the frequency is high, and the examples help to illustrate the potential costs.

Generally, organisations attribute these types of incidents to the realities of the complex and dynamic computing environment needed for the modern workplace — including expanded user populations with authorised access to enterprise systems, personal user devices used for work, significantly expanded attack surfaces, and adversary targeting of user behaviours (e.g., phishing, e-mail, and web-based attacks). Combine these with the challenge to hire and retain qualified IT and cybersecurity professionals, and we have the top five drivers for enterprise investments in cybersecurity technologies (see Table 1).

Table 1: Top 5 Drivers for Investments in Cybersecurity Technologies

Source: Aberdeen, May 2024

In practice, traditional approaches to cybersecurity are increasingly unable to manage these risks to an acceptable level in support of the modern workplace. Aberdeen’s research also provides insights into how current and planned deployments of selected cybersecurity solution categories are changing to meet evolving needs.

Even so, threat actors will always adapt their strategies over time, and the most popular exploits will continue to come and go. This underscores the importance of implementing foundational cybersecurity technologies and capabilities to govern, identify, protect, detect, respond, and recover — instead of merely chasing after the latest vulnerabilities or the exploit du jour.

Zscaler’s Approach: Securing and Empowering the Hybrid Workforce

In Zscaler’s view, the modern workplace must provide secure access to users who are constantly on the move, working from varying locations on different devices — while also addressing security- and compliance-related challenges such as:

Protecting an expanding and dynamic attack surface
Making business continuity a top priority
Maintaining seamless user experiences across all failure scenarios

To dive deeper into how Zscaler helps organisations transition from legacy network infrastructure to modern, secure, and resilient cloud-native services, watch this podcast-style conversation between Derek Brink, Vice President and Research Fellow at Aberdeen Group, and Kevin Schwarz, Head of CTO from Zscaler, as they discuss key technology trends shaping the future of IT. Watch now to learn how Zscaler’s zero trust approach supports a future-proof, resilient workplace.
