When the first stay at home orders went into effect in March 2020, remote working was thought to be a temporary fix for a temporary problem. Because of this mindset, the cybersecurity practices many businesses had in place for in-office working were not adaptable to meet the new challenges presented by employees working from home– specifically the need for remote access to what is often sensitive company data. Most employee devices did not have the necessary authentication requirements on their devices, leaving organizations vulnerable to cyberattacks. Unfortunately, this lack of security gave opportunistic cybercriminals and bad actors with advanced hacking techniques the perfect chance to successfully target enterprises.
COVID-19 INCREASES CYBERATTACKS
Insecure remote working practices were not the only reason employees were left vulnerable to attacks – the global focus and constant search for information surrounding COVID-19 gave threat actors a new opportunity to lure workers into disguised hacking traps. In a report released from McAfee Labs in July 2020, McAfee noted that cybercriminals have been using COVID-19 themed ransomware, RDP exploits, scam URLs and spam designed to bait remote workers into mishandling external engagement. Even more alarming, the FBI confirmed that COVID-19 related threats have led to a 400% increase in cyber threats since 2019.
The hyper-focused public attention on the pandemic, evolving pubic policies and new mandates directly led to an increase in phishing and robocall scammers. This increase has required that IT teams invest additional resources in areas such as threat detection and response activities. While there is little doubt that these increased efforts are necessary, this new operating model leaves organizations strained and on permanent alert as they continue to be confronted with consistently growing cyber security threats.
THE NEW NORMAL
Remote working has now become a seemingly-permanent way of life as the world approaches its ninth month of the pandemic, however it is not only up to businesses to provide employees with the tools needed to work safely. It is also up to employees to be vigilant about safety practices as they continue to work outside the office.
As cases continue to rise and the hope of reopening offices continues to be questioned, businesses everywhere are asking themselves, “how exactly do we keep ourselves secure when the majority of our workforce is working from home and we have dramatically increased threat opportunities for cybercriminals?”
LISTEN TO THE EXPERTS
Last month I attended the Silicon Valley Cyber Security Summit to gain better insight into how businesses can begin to tackle the security issues enterprises are facing globally. The virtual summit featured sessions focused on a variety of topics – from tactics on how to equip employees with the knowledge and tools to avoid cyberattacks, to more high-level discussions on the state of the workforce and how it correlates to security. Through these sessions I was able to form a better understanding of how organizations can prepare a prevention and defense strategy against security threats like insider breaches, and the trends in security that are actively impacting businesses.
During the session “The Path to Security Effectiveness,” led by Artic Wolf’s Chief Technical Services Officer Sam McLane, McLane pointed out that aside from the massive increase in threat activity, the cybersecurity talent shortage unfortunately produced a situation where, despite new solutions and money spent on cybersecurity practices, organizations still are not receiving better protection. McLane noted that even with 3,000 vendors selling products in the industry, with total costs last year exceeding $120B+, there were still almost 4,000 breaches in 2019— 96% more breaches than the previous year.
The key takeaway I had from this session was that breaches are not particularly the fault of the products, but actually operational failures where organizations lack the qualified teams required to manage increasing levels of cybersecurity challenges, like outside attacks or insider threats. To prevent these kinds of breaches, the industry needs to adopt a new way of working by taking a much more operational approach to cybersecurity.
According to cybersecurity experts, reducing the risk of cyberattacks demands a multi-layered approach – awareness, education, expertise, and purpose-built solutions – rather than a single product. In order to conduct work safely, avoid insider threats, and safely allow for remote work, even after the pandemic, employees need clear guidance on standard security practices from an organizational standpoint. Below are a few key tips to secure remote workers’ data from McAfee’s advanced threat research team that should help to address the challenges associated with these shifts:
- Develop remote working policy guidance: While many organizations may employ wider guidance on cybersecurity/privacy guidance within their organizations there will likely be employees unaware of the expectations for remote working. It is key for all policy to not only be reviewed but also effectively communicated to all employees now working from outside an organizations’ offices.
- Enforce asset classification: With a larger set of the workforce now working from home, the need for enhanced security measures is necessary to ensure that information is only made available to its intended recipients.
- Require strong authentication: With passwords and two-factor authentication now routine, ensuring the appropriate level of authorization for key information is in place is critical.
- Generate awareness: All of the processes and technology deployed within an organization can be simply undone if there is a lack of awareness, leading to the increase in insider threats. Ensuring all employees are made aware of the potential risks of connecting remotely is critical.
- Initiate VPN access: Untrusted networks are rarely a thought when working in the office, however with so many employees connecting from external Wi-Fi networks there is the potential for certain networks to be untrusted and there is no assurance that the connection every employee is connecting from is secure. Therefore, leveraging a VPN will be necessary and organizations should enforce certain assets only being available via the VPN
So, while the pandemic has created a plethora of obstacles out of nearly everyone’s control, cybersecurity is something that we can control. Investing more resources into cybersecurity initiatives to keep employees’ data safe is more important now than ever. It is time to take a step back and examine our security practices and arrangements, and ensure we determine if it is inclusive enough of all employees. Through recognizing the increasing number of threat opportunities, improving cybersecurity education and understanding how to better mitigate personal threats, all organizations can be more vigilant as remote work continues to remain the new normal.
Check out other tips and insights on the Remote Evolution here.