How to reduce cybersecurity risk during the hybrid work transition
Many enterprises are looking to begin bringing workers back to physical offices. However, the rise in COVID-19 cases across the U.S. has complicated that return and is forcing enterprises to pivot to a hybrid work environment.
As businesses fight to keep their companies afloat in today’s environment, they also need to strengthen their lines of defense against cybercriminals who look to exploit vulnerabilities and take advantage of the situation. Unfortunately, hybrid work practices are causing organizational cybersecurity risk to rise, defenses to be challenged and weaknesses to be exposed.
Impacts of network strain on at-risk businesses and industries
Most enterprises plan their networking and computing infrastructures around nominal scenarios that are stretched to address unexpected events, but these plans do not accommodate strenuous circumstances. For example, under normal working conditions, sizing a virtual private network server could take into account 20% of the workforce telecommuting. In the case of abnormal situations where one region has special circumstances, that proportion of telecommuters may increase by an additional 10% to 20%.
Rarely do organizations account for a hybrid work environment with most employees continuing to work remotely and the rest planning their gradual return to the office. As you can imagine, these employers are not necessarily prepared for the additional strain on their network.
Risks associated with network strain vary from company to company. Organizations involved in crisis response and management may experience DDoS attacks, large-scale phishing attempts and even ransomware attacks that attempt to force a quick payment decision.
For example, hospitals are at greater risk than ever for cyberattacks, given the current spotlight on healthcare and the general difficulty of securing individual devices. To mitigate risk, it is important for organizations to go back to the basics: patching systems as quickly as possible and not falling into the trap of “We can’t afford that activity or a downtime now.” If anything, recent weeks have seen a plethora of high-severity vulnerabilities patched, such as those in Microsoft Corp.’s DNS server and SharePoint server, as well as a surge in attacks against Microsoft IIS.
In addition to hospitals, we’ve seen pharmaceutical companies involved in the research and development of cures or vaccines facing greater risk. Knowing that many government entities are interested in these advances, pharmaceutical companies must exercise caution to prevent cybercriminals from intercepting this research for ransom or resale to unscrupulous buyers. We have recently seen warnings from both the FBI and CISA against Chinese actors targeting COVID-19 research organizations.
What you can do to improve your security posture
During these times when many organizations have been forced to shift to a more distributed business model, network stress and overload can occur, leading to a less-than-ideal security posture. Business continuity may override previous security mandates and relax certain requirements to address system overload, which leaves vulnerabilities open.
In such times of network stress, organizations might be tempted to forgo some rules to maintain business continuity, such as enforcing acceptable use policies or decrypting SSL traffic. However, there are red lines that they should not cross, such as forgoing inspection of entire network segments’ traffic in the hope of reducing the load on security devices.
Enterprises must find a way to ensure cybersecurity remains a top priority and keep their guard up. This may mean reaching beyond the corporate perimeter to top employees and helping them set up a secure work environment within their homes. In addition, offering workers secure routers or firewalls with advanced threat protection from the cloud could mean the difference between an uneventful period and one where the organization is fighting one security fire after another.
So that security remains top of mind, I recommend that all information technology leaders share these tips with their in-office and remote workers:
- Segment your home network so your work computer does not interact with the other devices in your home, if possible. This can easily be done by leveraging the Guest Wi-Fi capability in most home routers. In addition, you may even apply quality-of-service rules, so your meeting is not disrupted when another member of your household is streaming TV shows in HD.
- Do not click on questionable links that lead to shady websites, and limit online browsing from your work laptop, as some organizations allow split tunneling for VPN connections. Remember that the most successful phishing emails will seemingly come from senders you trust or social network profiles you are connected to.
- Resist installing software from nonreputable sources. It might be tempting to install additional software on your work device to make your work-from-home situation a bit more bearable, but if you must download software, check the downloaded package on virustotal.com before launching the installation process. Some of the most dangerous malware, including the Masad Stealer, comes bundled in other useful software.
The increase in cyberattacks lately shows the true face of the threat actors we deal with: They use social engineering to exploit individuals and organizations for personal gain. During this time, it is especially important that organizations emphasize employee education around cybersecurity. The recent Twitter attack compromising some high-profile accounts is a stark reminder of this reality.
The happenings in the last few months will change our lives forever, with new working styles, cybersecurity issues, proposed policies and so on. Hybrid work environments will identify new opportunities for organizations to reassess their business continuity plans and network security processes. As always, businesses must continue to address the ways employees connect to the network and how to deploy technology to enable and protect those connections, regardless of work environment.
In retrospect, today’s working conditions may turn out to be a silver lining for organizations, as they force them to reinforce their security posture for the foreseeable future.
Mounir Hahad is head of Juniper Threat Labs. He wrote this article for SiliconANGLE.