In a preview of a workforce security report slated for Mar 2025 release, one cybersecurity firm has addressed serious cloud/collaboration concerns

Based mostly on two separate commissioned online surveys* targeting similar respondent populations on the topics of IT management and workforce security, a cybersecurity firm is expected to release a report on its data findings in Mar 2025.

In the meantime, a preview of the report content has been released, providing a glimpse of some key trends discerned from the two commissioned surveys.

First, with 42% of respondents overall citing expectations to remain on some form of remote-working scheme over the next 18 months, the report authors are concluding that “remote- and hybrid- work models are here to stay.”

Second, the data showed that organizations struggling with surges in security gaps in cloud applications (team collaboration Software-as-a-Service cloud-based tools) and unmanaged devices arising from the remote- and hybrid- work models tended to block access altogether, paradoxically hindering seamless collaboration among teams.

Other previewed findings

Third, with a majority of respondents citing that over 80% of their working hours on browser-based applications on managed and unmanaged devices, the need for strong security measures around browser usage has to be addressed.

Fourth, despite significant investments in security controls, no organization represented in the surveys had claimed to have achieved full coverage across all devices, and even those with 100% coverage in specific areas had still experienced security incidents.

According to Palo Alto Networks, the cybersecurity firm releasing its report on workforce security and IT trends of 2024, no single piece of technology can automagically address all security concerns: effective cybersecurity requires a balance of people, processes, and technology. Five best practices proffered by the firm are applicable for addressing the overall challenges of enlarged corporate perimeters due to remote/hybrid-working:

  1. Address all device types: Unmanaged and poorly managed devices pose risks, requiring robust security such as Zero Trust and overlapping defenses for all devices, managed or not.
  2. Implement multi-level security controls: Apply protections at network and endpoint levels to secure data anywhere, with browsers as a critical device-level focus to address the increased mobility of workforces.
  3. Do not underestimate the web browser as security vector: Treat browsers, central to cloud access, as both threat vectors and protective tools, using data loss prevention, threat prevention, and Zero Trust to counter risks.
  4. Build a holistic, cohesive security framework: Implement overarching security frameworks such as SASE for a cohesive defense posture across all ecosystems, enhancing overall modernization efforts.

Finally, firms should balance security with usability: Ensure strong controls do not hinder productivity; security features should offer seamless, user-friendly experiences without compromising safety.

*The first survey of (514 respondents in February 2024) initially focused on how organizations deployed managed or unmanaged devices, including BYOD devices for employees or contractors across the US, the United Kingdom, Canada, France, Germany in organizations with a minimum size of 2,500 employees worldwide (including both permanent and contractor staff) in management or senior management job roles in  IT Management, Cybersecurity or information security, and end-user compute. The second survey (conducted between July and August 2024 among 515 respondents) had focused on additional questions related to technology deployments, use cases, and newer topics such as GenAI, using similar screening criteria for location, organization size, job level, and knowledge of technologies.