Isolation due to independent working conditions, and lack of information sharing that would typically occur in an office environment, are just two reasons why we are seeing this surge. In addition, these independent working conditions tend to keep you in a small bubble of colleagues, while the rest of the organisation are forgotten about. Through observation, we’ve found that we tend to be more abrupt with people that are not directly in our own silo of work, and if we get a phone call from someone outside of this silo, we tend to be more interested in resolving whatever that phone call is about or responding to that email, then actually taking the time to validate who that person is or that they represent something that needs to be done.
Shane Shook, who has been advising enterprises on Information Technology, Security and Risk Management for over 30 years, said: “It’s a different dynamic. Because we’re drilling down into our select networks with less inclusion of the workspace or the work environment that we would otherwise find in the office, we are making ourselves much more susceptible to attack.”
How Can Organisations Protect Themselves While Remote Working?
More Company-Wide Meetings
Company-wide meetings, whether they are held monthly or bi-weekly, can have a considerable influence on organisations, including the fact that they bring employees and executives together. In the eyes of cybersecurity, company-wide meetings are necessary to be safer. If we know how each other communicates and we know the nature of those communications, we’re less likely to be manipulated by malicious actors who are mimicking other people’s profiles.
“It’s imperative to be more inclusive in meetings, invite more people from other functions of the business to the meetings, and be more exclusive in meetings held on video platforms,” added Shane.
Security Awareness Training
Many organisations continue to place more trust in technology-based solutions than on training their employees to be more aware of the threat landscape and their ability to recognise the red ﬂags in cyber breach attempts. When trained appropriately and incentivised, they can be part of a more robust solution to many security problems and ultimately, reduce business risk.
Shane continues: “It’s the little things like suspicious links or being able to recognise that a call is vishing and not someone in your network. For example, if you receive a call from the help desk requesting you open a link, so they can fix your ‘infected’ computer, you will be more aware that it’s likely not your IT person speaking to you.”
Cyber Risk Audits
The cadence of cyber risk audits has become increasingly important, especially with social engineering becoming the preferred technique as we drill deeper into our silos. However, according to Shane, there is a noticeable slide backwards in the level of security hygiene that organisations have adopted since making the transition from office to home.
He continued: “But, it’s not because we’re working from home, it’s our use of VPN services. This is where we’re opening more ports for more services with less situational awareness for monitoring. In many cases, monitoring isn’t implemented in the right levels of the Access Control List (ACL) network architecture, or we’re putting in quick patches on demand for it.”
Periodic cyber risk audits are essential in helping organisations to assess the security hygiene of their IT estate, determine their security posture, and identify exigent risks, like malware, abuse of user rights, or violations of policy.
What Kind of Investments Should Be Made or Considered?
With no idea how long this ‘work from home’ scenario will last, or even whether things will ever go entirely back to normal, there are several paths cybersecurity teams can take to protect themselves against malicious actors. Discover these, which include isolation technologies, compulsory DNS protection and enforced email monitoring and filtering, now as we continue the conversation with Shane in our Emerging Trends Podcast Series.
A list of almost 50,000 Fortinet VPN devices vulnerable to CVE-2018-13379 has been leaked to a hacker forum. Researchers have commented that slow patching procedures have left a large number of organisations vulnerable to the two-year-old exploit.
It is by understanding the biggest risks to your sector, that you will understand the most effective ways of managing those risks. And with healthcare becoming one of the most vulnerable and highly-targeted industries in the world – it’s time we addressed the issue…
Secrutiny, a cybersecurity managed services company and incident response specialist, expands into Europe via Dutch subsidiary. Headquartered in Amsterdam, led by regional managing director Patrick van Arendonk, Secrutiny NL will be the company’s first office in continental Europe.