Director of Security Operations Center, iSecurity
Director of Consulting Services, iSecurity
Remote workforces have been the norm for the better part of a year, with more employees, and in some cases, entire workforces, working off-premises. The result? A dramatic spike in cyber attacks. It’s time to learn how to protect your organization.
Previously, cybersecurity conversations focused on industry sectors. We have long seen healthcare and municipal governments targeted due to their historically smaller investments in cybersecurity and their critical roles as custodians of personal data. Pre-pandemic, the iSecurity Security Operations Centre would detect up to 3,500 exploit attempts a month against a single large hospital. The shift to remote work has caused a 10-30% increase in threats – but this is happening across virtually all industries. As a result, discourse is shifting to examine organizational size as an indicator of risk.
The reason for this is simple: as a digital footprint grows, so does the surface area for exposures and vulnerabilities. Larger organizations often have digital footprints that are orders of magnitude larger than those of small organizations. When you add a newly remote workforce that is connecting with partners, vendors, and stakeholders, you are unintentionally creating more avenues that feed into a hacker’s primary objective – to obtain a financial ransom by gaining access to a corporate network.
Making the transition
A significant challenge has been upholding security standards as employees begin to work from home. Certain boundary defences, like firewalls and IP filtering, are harder to apply with a remote workforce. Beyond that, attackers know that many employees are using personal devices, increasing exploit opportunities.
“Attackers have been leveraging email over the years, and we’re seeing a rise in the initial infection stage through email,” says Chris Stewart, Director of Security Operations Center at iSecurity. “Organizations are more heavily relying on email and external communication, so the ability for hackers to send enticing phishing emails could allow them to harvest credentials or trick the user into opening an attachment.”
Compounding the risk is the mass adoption of cloud services, which do not require a connection to a corporate network to be accessed. This provides another clear route for attackers. “Understanding the criticality of endpoint protection and the segmentation of business services moves you towards the goal of ‘zero trust’,” says Stewart.
The risks of inaction
The costs of inadequate cybersecurity solutions are higher than they initially seem. Of course, the resulting loss of revenue can sometimes stretch into the millions. But accompanying it is a loss of reputation, which can be incredibly costly at a time when so many people are relying on online service delivery. It is clear – safeguarding against a breach is far less costly than addressing the consequences of one.
Leveraging cybersecurity solutions
Zero trust is emerging as a technology principle that more and more organizations are adopting. Trust should not be assumed; instead, all devices inside or outside of an organization’s digital network should be verified first, then trusted. A complete solution includes monitoring information generated by endpoints and testing that security controls are working to detect and block attackers. For example, penetration testing can simulate an attacker’s tactics against an employee working on-premises versus working on their mobile phone or laptop from home. Test findings, or vulnerabilities, identify where an organization’s exposures lie and which security controls should be deployed for each connected device.
“Vulnerabilities apply to organizations of all sizes,” says Laura Payne, Director of Consulting Services at iSecurity. “Larger organizations are more lucrative targets, but small organizations may have more to lose even if only one employee’s computer is compromised – making remote work a universal security concern. A good security monitoring program can grant you insight and visibility into all connected devices, no matter where they are.”
“You can work with a partner to identify services you’re already using and to enable security features to support any security gaps. If you’re not taking advantage of these features, then you’re missing out on security that’s readily available to you,” says Payne. “While we can’t reduce the number of attempted attacks, we continue to successfully detect and prevent numerous breaches for our clients following this model.”