4 min read
The opinions expressed by the entrepreneur's contributors are their own.
Imagine if a bank had a million dollars in their vault and one day their employees each took part of the warehouse home for safekeeping.
It's a bit like what has happened to corporate data and communications since the COVID-19 pandemic. Within a few weeks, entire employees moved from the office to their homes, which strained the capacity of companies' digital infrastructure and was an important test of their cybersecurity readiness.
Related topics: How secure is your data when working remotely?
More than six months later, many organizations are still catching up with the security risks posed by the new normal of working from home. Weak or no home Wi-Fi passwords, laptops shared by family members, lack of firewalls, and inconsistent use of VPNs that perform critical business transactions: these are some of the nightmares for IT security professionals. And there is ample evidence that a sense of urgency is warranted.
Feed on the pandemic
Cyber criminals have seized the opportunity and stepped up their efforts to infiltrate corporate systems, track down the vulnerable at home, and obtain sensitive data. In a survey carried out by VMWare, 91 percent of respondents worldwide indicated an increase in cyber attacks since the beginning of the pandemic.
According to a security report, the number of denial-of-service attacks tripled in the second quarter as bad actors exploited the greater vulnerability of home networks. Ransomware and malware attacks are also on the rise, including high profile incidents at Garmin and Carnival Cruises. It is important to note that most incidents go unreported and often a ransom is paid before any business impact is discovered.
Given that remote working will outlast the pandemic, companies are being forced to change their attitudes towards cybersecurity. Although cybersecurity has been growing in importance for years, it was still viewed by many companies as a reflection that only came into play when something bad happened.
Related Topics: A Beginners Guide to Cybersecurity
Now companies in all industries must start treating cybersecurity as part of their organizational DNA and an essential building block of the ecosystems that connect them to their customers and third party partners. Attitudes change from reactive to predictive. Monitoring threats is becoming a primary goal for most cyber-savvy organizations when it comes to reducing business risk.
Stronger security is a must
Organizations have become aware of the need for a solid business continuity plan after many were surprised by the sudden, unexpected arrival of the coronavirus. Even many who had an emergency plan found it inadequate, either because a pandemic was not one of the scenarios or because they had not recently tested the plan.
A business continuity plan can start very easily, but it is not a plan if it is not tested regularly, ideally every 90 days, under different scenarios.
Business demand for collaborative platforms with built-in security has increased since the lockdowns began. Organizations are realizing they need a backup platform to give employees multiple channels to collaborate and reduce the network traffic caused by remote work.
The pandemic has accelerated the move to cloud-based platforms, which allayed security concerns by developing better methods of protecting data. The move to working remotely from home has raised the question of who will be on site to service office-based data centers and applications. Organizations can also leverage the ability of cloud companies to support their business operations.
Remote workers need a backup
To be successful, these changes require greater top-down security awareness within organizations. Organizations also need to take responsibility for ensuring that homeworkers receive the resources, protocols, and safety education they need.
Related Topics: The Real Cost of a Data Breach to Your Brand (and How To Best Protect Yourself)
In simple terms, they should both expand the pipes used by homeworkers and proactively ensure that those pipes are safe. Some of these responsibilities are shared between organizations, employees and service providers. However, the main responsibility rests with the data owners.
Organizations should be willing to pay for the extra bandwidth that homeworkers need to do their jobs. Additionally, they should ensure that home workers have a secure network, firewall, and always use a VPN when connecting to corporate systems.
Having these elements in place and being well informed about the different types of attacks they may be exposed to will go a long way towards reducing security risks.