Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


04:05 PM
Connect Directly

Most Organizations Plan to Make COVID-19 Changes Permanent

After the pandemic, companies will continue to invest in improving IT infrastructure and security as well as automate tasks to reduce errors and improve network resiliency.

A clear majority – 83% - of C-level executives say the many operational shifts made during the pandemic will remain in place even after the COVID-19 pandemic ends.

Michael O’Malley, global vice president of marketing and strategy at Radware, says during the pandemic companies had to focus on making the network resilient, adjust to the remote contactless economy (home food shopping, restaurant deliveries), and future-proof their organizations for any disruptions in the years ahead.

"All of these activities will continue after the pandemic," O'Malley says. "The survey showed that the pandemic was a big shock to the system and it accelerated many trends. Companies will also be focusing on IT capacity such as product development and spending on IT security."

Related Content:

COVID-19-Related Attacks Exploded in First Half of 2020

Special Report: Computing's New Normal, a Dark Reading Perspective

New on The Edge: 5 Security Lessons Humans Can Learn From Their Dogs

The research, conducted by Enterprise Management Associates on behalf of Radware, points heavily to companies across vertical sectors focusing on resiliency – the ability to keep the business going, the network up, human errors down, and grow the business during the pandemic.

More than any other sector, 83% of the retail/ecommerce respondents were making their IT infrastructures more resilient via hybrid or multi-cloud adoption and 80% via automation. For telco/service providers, 74% were focused on resiliency, with 76% by automation; and 69% of financial services companies keyed-in on resiliency, with 79% via automation.

"The focus on automation shows that as a part of resiliency, companies were trying to reduce human errors," O’Malley says.

The survey also found that roughly half of the respondents say changes made regarding headcount, processes/applications, real estate assets, and budgets are now permanent. Some 95% of respondents say their physical locations were affected by the lockdown to some degree, and by 2022 more than 50% of employees will continue working remotely.

IDC reports similar numbers on the work-from-home front. According to the research firm, 6% of staffs worked from home pre-COVID, 53% worked from home during the height of the pandemic, and roughly 30% will work from home by 2021.

"Companies made a tremendous push to roll out VPNs and remote desktops once the pandemic first hit," says Frank Dickson, a program vice president who covers security at IDC. "I think now we've gotten to a point where most companies can focus on security. They realize that for people who only use Office 365, they may not need to give them full VPN access; they can have them authenticate through a passwordless option."

Creating Security Gaps

The Radware survey also shows some significant security gaps that resulted from the rapid move to work-from-home.

"Companies were never set up for this level of work-from-home activity," says Raghu Thummisi, cybersecurity market strategist at Radware. "Many were racing against time to build in security controls. We found that there were clear winners and losers. The move to the cloud was a much easier lift for the companies that had already made the migration. The companies that were mostly brick-and-mortar had a much harder time."

O'Malley says the data shows that companies were really stressed. Some 50% of companies were not confident in the organization's ability to protect against unknown threats, and 30% reported an increase in attacks at the start of the pandemic. In addition, 35% of the attacks experienced by the respondents required an incident response process, and 69% spent more than half of their time on network security-related discussions of issues.

The pandemic also accelerated migration to the cloud, Thummisi says, which exposed companies to some unforeseen security issues. Some 76% of survey respondents say the pandemic accelerated their cloud migration and while nearly one-third say attacks have increased, another 32% also say they are relying on third-party providers (both public cloud providers and MSSPs) to secure their digital assets.

"We found that companies don't always have a full understanding of the shared responsibility model with public cloud providers," he says.

When they roll out a development environment, for example, they don't always realize that they are responsible for taking down that test environment. "While the cloud makes it easier to spin up test environments, companies still have to validate and take down the environment," he says. "Companies need to be careful not to leave these environments open to attack."

IDC's Dickson, meanwhile, says he thinks companies understand the shared responsibility model, but that developers in many enterprises are not incentivized to build in security.

"App developers are focused on getting the application up, functional, then operational, there's usually not a security metric built in there," Dickson says. "Security has to be a priority and companies need to set up the systems, processes and incentives to make that happen."



Steve Zurier has more than 30 years of journalism and publishing experience and has covered networking, security, and IT as a writer and editor since 1992. Steve is based in Columbia, Md. View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Threaded  |  Newest First  |  Oldest First
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-06-24
Shopware is an open source eCommerce platform. In versions prior to the admin api has exposed some internal hidden fields when an association has been loaded with a to many reference. Users are recommend to update to version You can get the update to regularly via the Auto-U...
PUBLISHED: 2021-06-24
Shopware is an open source eCommerce platform. In versions prior to private files publicly accessible with Cloud Storage providers when the hashed URL is known. Users are recommend to first change their configuration to set the correct visibility according to the documentation. The visibilit...
PUBLISHED: 2021-06-24
Shopware is an open source eCommerce platform. Versions prior to 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview.
PUBLISHED: 2021-06-24
Shopware is an open source eCommerce platform. Versions prior to 5.6.10 suffer from an authenticated stored XSS in administration vulnerability. Users are recommend to update to the version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview.
PUBLISHED: 2021-06-24
Shopware is an open source eCommerce platform. Potential session hijacking of store customers in versions below We recommend to update to the current version You can get the update to regularly via the Auto-Updater or directly via the download overview. For older versions o...