Radware Report Highlights Security Flaws in COVID-19 Response

Rapid cloud adoption has helped businesses stay afloat during the COVID-19 pandemic, but it’s potentially exacerbating security gaps. That’s according to a new report from Radware.

The Radware report, “C-Suite Perspectives: Accelerated Cloud Migration but Lagging Security,” is based on a global, online survey of 260 executives in July. Respondents are in North, Central and South America, EMEA and APAC.

Cloud adoption is happening quickly during the pandemic, but security isn’t necessarily keeping pace.

The respondents represent a wide range of industries with minimum revenue of $250 million and 1,000-9,999 employees.

Most C-level executives expect the changes they made with people, processes and applications due to the pandemic to become permanent. And that’s whether significant or partial.

Accelerated Cloud Migration

Raghu Thummisi is a cybersecurity market strategist at Radware. He said businesses showed agility in adapting to remote operations and moving to the cloud; however, the transition exposes businesses to significant security gaps and business risks.

The pandemic accelerated the migration of business infrastructure and applications into the cloud. Some 76% of companies adopted cloud services faster than they had planned. And 56% said the contactless economy – e-commerce, on-demand content, video conferencing, etc. – had a positive impact on their business.

The quick migration helped to maintain business operations, but increased the cyberattack surface. Two in five (40%) reported an increase in cyberattacks amid the pandemic.

“The respondents pointed out the need for increased coverage of their organizations through third-party providers,” Thummisi said. “However 30% of them indicated that they needed structured incident management despite being monitored by the third-party providers. They recognize that with the multifold rise in security events and rapid increase in threat sophistication, it’s imperative that they look for alternatives by deploying security products that can address these threat vectors at scale and consistently through intelligent automation, thereby reducing manual workloads.”

Who’s Responsible?

In addition, 32% said they relied on their cloud provider’s security services to provide security management for their public cloud assets.

“It is critical for organizations to understand and act upon the shared responsibilities of the cloud provider vis-a-vis themselves,” Thummisi said. “The rapid movement to the cloud workloads along with the increased reliance on third-party contractors expose them to significant risk of security exposure. While public cloud providers constantly focus their efforts in making the underlying infrastructure resilient along with providing more tools to their customers for ensuring seamless cloud operations, it’s upon the customers to figure out the dynamics of their organization’s security perimeter and attack surface to plan their security strategy accordingly.”

Other key findings Include:

• More than 80% of respondents believe more than 25% of their employees will work remotely in the future. That’s a sharp contract to pre-pandemic work-from-home policies.
• Many retailers faced pressure to adopt practices that ease the customer experience. Those include curbside pickup, e-commerce and increased use of contactless payments.
• More than any other sector, retailers needed to adopt cloud or hybrid cloud environments to make their networks more resilient. Fifty-seven percent plan to host their assets in either a public or private cloud environment by 2022.

“Though there is consensus on the risk of organizations facing increasing threat vectors and their sophistication, it does point out to the fact that businesses have to do much more to protect their organization perimeters through better products and automation,” Thummisi said.