Organizations’ growing reliance on changing technologies means a growth in the importance of cybersecurity. That said, any cybersecurity initiative must be  practical and tailored to meet the organization’s actual needs. This study, commissioned by Palo Alto Networks, explores how these needs have been changing and how security has fared, and it considers possible paths for evolution.

The modern workplace has undergone significant transformation, characterized by at least three major shifts. First, there has been an increase in remote work adoption, even if there is some post-pandemic pushback. Secondly, numerous organizations have adopted a mixture of managed and unmanaged devices, like bring your own devic (BYOD), in their environments, which brings challenges for security compliance. Finally, there has been a dramatic rise in the use of software-as-a-service (SaaS) consumption, with some organizations reporting thousands and tens of thousands of applications being used. A key factor in the use of these applications is that they’re often accessed via browsers—the study finds that, in some cases, browser-based usage corresponds to over 80% of daily work.

This study also highlights some of the challenges facing security programs. First,
responses indicate that traditional security controls are unevenly deployed, with
very few organizations reporting widespread coverage across their IT estates. This results in potential gaps in visibility and protection. At the same time, there is constant pressure to deploy security controls in a way that does not affect worker productivity. Then, responses indicate that even when the controls are being widely deployed, the prevalence of security incidents remains high, with incidents such as ransomware, phishing, and browser-based attacks reported by over 90% of respondents.