In early 2020, the world started to work from home. For many of us, it was our first time working outside of the bounds of the office and the change took some getting used to.
But working from home is about more than doing laundry between virtual meetings. For IT departments, remote working brings with it a number of cybersecurity risks. Here’s how hybrid work is changing the face of cybersecurity:
Security is no longer just a job for IT
Prior to the rise of hybrid and remote working, the average employee wasn’t especially clued-up on security hygiene or best practices. And while it wasn’t an ideal situation, within the safe perimeters of the office (and the company network), most IT departments could deal with the occasional security nightmare.
But with employees working from their own homes, far from the watchful gaze of the IT department, the responsibility for upholding cybersecurity best practices has shifted onto employees’ shoulders.
Alongside their daily work, employees now need to consider: Who is standing behind me while I’m working? Am I using a protected network? Am I leaving my device unlocked and unattended? Should I ever let my partner or family members borrow my work device?
Employees are certainly becoming more cybersecurity-savvy, but to ensure they don’t fall victim to phishing or accidental insider threats, IT leaders still need to educate teams on the cybersecurity risks of remote working and security best practices.
The rise of "third space” working
When remote working started to become the norm, the primary focus for the majority of IT departments was securing people’s home environments for working. Sounds obvious, right? But the reality is, research shows that more people are starting to work in so-called “third spaces” such as cafes, libraries, or on the go.
This has big implications for IT as, while these spaces offer employees freedom and flexibility, they also increase the risk of security threats. The combination of a more distracting environment, the presence of strangers, and unprotected networks makes working outside of the home office even more dangerous. So, when establishing cybersecurity measures for hybrid working, it’s especially important to take these “third spaces” into account.
Security teams need to take a proactive approach to cybersecurity rather than a reactive one.
Proactive over reactive
Cybersecurity attacks were already becoming increasingly frequent and sophisticated before 2020, but remote working put the risks of these attacks into overdrive.
According to Splunk’s State of Cybersecurity report in 2022, over 49% of organizations say they’ve suffered a data breach over the past two years, up from 39% from their results pre-pandemic.
Now more than ever, security teams need to take a proactive approach to cybersecurity rather than a reactive one. This means taking measures to prevent cyberattacks from happening in the first place, rather than responding to incidents when they occur. That includes things like educating employees on cybersecurity awareness, periodically assessing your internal systems for vulnerabilities, managing shadow IT, and more.
The basics still matter most
The rise of remote working may have made it even more important to be vigilant when it comes to cyber security – but it’s not all doom and gloom. You’ll be glad to hear that the majority of cyberattacks don’t require sophisticated technology or even a highly skilled security department to stop them in their tracks.
Preventing breaches doesn’t have to be a complex operation – it’s all about making sure that the basics of cyber hygiene are being adhered to throughout the organization. This means that keeping an eye on things like multi-factor authentication, least privilege access, and keeping devices up to date should still be a top priority for IT departments.
August 25, 2022
The 5 biggest BYOD cybersecurity risks
The rise of remote working means more and more people are opting to use their personal laptops, phones, and tablets for work. For employees, this means more freedom and flexibility. But for IT departments, BYOD (bring your own device) can easily turn into a cybersecurity nightmare.
June 2, 2022
What is shadow IT? Answers to 5 frequently asked questions
What is shadow IT? Read the answers to 5 frequently asked questions about shadow IT and find out how to manage shadow IT in your organization.