The pandemic pushed almost all companies to work remotely in 2020, and this shift can be directly linked to an increase in Cyber security according to the IT specialists. In the end, all it takes is one wrong click by an employee to infect a network.”
This is the reason why SGA joined a webinar called “Future of Cyber security & Risks”, in May 2021.
First, we wanted to know why does the remote/work-from-home model pose a cyber threat? There are a few reasons.
One, a variety of technology changes have occurred to support a remote work model. “Security controls to support these models are still catching up with remote-work capabilities, to protect corporate assets better”.
Two, bad actors continue to focus on remote workers, leveraging messaging related to the pandemic in their social engineering activities.
And third, the increased stress of the pandemic on employees, including fluctuations in work and pay, combined with poor remote security controls, has resulted in increased data theft for personal gain.
We were said that we have a much bigger attack surface, not necessarily because we have more employees, but because they’re all in different locations, operating from different networks, not working with the organization’s perimeter network on multiple types of devices. The complexity of the attack surface grows dramatically.”
The remote work and hybrid work models, which many companies will move to post-pandemic, present multiple security risks:
- increased data loss and disruption of vital assets from greater web activity and insider threats;
- data loss and data manipulation from the misuse of privileged access;
- data theft, disclosure, or loss from the use of conferencing tools; and
- uncertainty around data protection and privacy regulations.
Companies continue to deploy technologies to provide more granular authentication and authorization services for their technology ecosystem. Some are also using enhanced security analytics to identify nefarious activity better.
But more work is required.
Before COVID-19, many companies used a combination of endpoint security on corporate-issued devices and access via virtual private networks (VPNs). But that model didn’t scale during the pandemic, because of such factors as too much two-way video and the increased use of online video conferencing and collaboration platforms.
In the new remote work environment, also, work laptops are increasingly used for personal work, which increases the likelihood of [them] being targeted for phishing, malware, and ransomware attacks. Many of the content sources outside of work are not well-protected.
Many organizations have already moved some or a majority of their services and work environments to the cloud, which can help improve security. For example, companies are operating intranets in the cloud using direct, private connections and virtual desktop interfaces.
Another area, organizations are exploring about application and infrastructure security from the start. With fast-paced product release and agile development methodologies, it is the only way to contain the security issues before releasing the code to production.
Artificial intelligence and machine learning are beginning to have a critical role in uncovering threats from millions of security alerts and warnings.
These are very specific and technical concerns which SGA pays attention to protect its digital data. Thanks for reading.