According to a new study by Cisco, as hybrid work empowers employees to work from anywhere and ensure business continuity for enterprises, the use of unregistered devices by employees to access work platforms is adding new security challenges for organisations in India.

As per a recent Cisco survey, over nine in 10 (95 per cent) respondents in India say their employees are using unregistered devices to log into work platforms. About 82 per cent say their employees spend more than 10 per cent of the day working from these unregistered devices.

This risk associated with such a practice is recognised by security leaders, with 95 per cent of respondents in India saying logging in remotely for hybrid work has increased the likelihood of the occurrence of cybersecurity incidents.

This scenario is further complicated as employees are logging into work from multiple networks across their homes, local coffee shops, and even supermarkets. About 94 per cent of respondents in India say their employees use at least two networks for logging into work, and 57 per cent say their employees use more than five networks.

The report titled “My Location, My Device: Hybrid work’s new cybersecurity challenge”, surveyed 6,700 security professionals from 27 countries. It highlights concerns of security professionals around the use of unregistered devices and potentially unsecured networks to access work platforms and the risks associated with such behaviour.

The use of unregistered devices is adding a new layer of challenge for security professionals as they tackle complexities in the current threat landscape. About 80 per cent of respondents in India said they had experienced a cybersecurity incident in the past 12 months. The top three types of incidents suffered were malware, data leaks, and phishing.

Among those who suffered an incident, 81 per cent said it cost them at least $100,000, and 53 per cent said it cost them at least $500,000.

Commenting on the study, Samir Kumar Mishra, director, security sales, Cisco India and SAARC, said, “2022 has witnessed several ambiguities, both presented as opportunities and risks. While it has accelerated the digital transformation journey of most businesses, it has also disproportionately expanded the attack surface. Today, disruption is happening faster than ever. It calls for a re-evaluation of the cybersecurity architecture to ensure that predictivity and intelligence are embedded at the core providing real-time visibility into distributed applications, security, networks, users, and services. Security resilience, preparedness, and response must be at the forefront in order to navigate through the intensifying threat landscape in 2023.”

The report also found 90 per cent of the security leaders in India stated that cybersecurity incidents are likely to disrupt their businesses over the next 12-24 months. The bright side is that they are gearing up to protect themselves from internal and external threats.

With the challenges well recognised, 95 per cent of security leaders in India expect their organisation to increase its cybersecurity budget by more than 10 per cent over the next year, and almost all (99 per cent) expect upgrades to information technology (IT) infrastructure within the next 24 months.