Over the past two years, many aspects of the business have changed due to the pandemic corona. While a number of these changes have stopped, and some things have returned to normal with the introduction of global vaccines, the effects and permanent symptoms remain, and companies can’t seem to stop them. Unfortunately, cyber attacks appear to be one of these symptoms.
Companies saw a 50% increase in cyber attacks per week in 2021 compared to 2020. With the increase in cyber security threats, this increase looks set to continue this year, according to “Forbes“.
What are the reasons for the sharp increase in attacks? How can information security professionals adapt to the new global threat?
Remote work is the future, but the risks cannot be ignored
newspaper returnedThe guardianThe rise in data breaches has led to the emergence of a work-from-home culture, as the pandemic forced companies around the world to quickly close their offices to reduce the spread of disease, leading to had the workforce away from their offices, which in turn opened up companies’ systems in different and “distributed” locations “If you will, new and widespread security vulnerabilities appear.
What is the relationship between working from home and the rise of cyber threats?
Talk to “An-Nahar” confirm theConsultant and expert in the field of cyber security and technology, Roland Abi Negm, said that remote work is a major cause of cyber security threats, as institutions prepare their offices with all necessary security measures to prevent penetration, so the internet is safer, and private and sensitive data is only available to employees within the company.
Abi Najm reported the emergence of many vulnerabilities with the spread of the epidemic and working from home, which could give hackers the opportunity to infiltrate, attack companies and steal their data, in particular:
1- Employees work with their own devices
Employee access to critical and business-critical applications from their personal devices creates greater opportunities for data leakage; Personal devices are usually unattended, and are outside the scope of the company; And since it gives employees room to access this data anywhere, it becomes easier for the hacker to access the data.
Abi Negm added that some breaches occur as a result of the theft or loss of a personal device from a car or a coffee shop, for example, which directly connects intruders to data without the need to break into the company’s information system .
2- Use unsafe internet resources
Abi Negm pointed out that some companies provide their employees with laptops for more secure work, but this may not prevent intruders from accessing data, as connecting to an unsecured Wi-Fi network is seen as a gateway for them becomes, especially if the work takes place in a cafe or A-restaurant, where many users are connected to the same network at the same time, which also entails great risks.
3- Email hacking
Most of the cyber attacks happen through malicious links sent by e-mail; Therefore, working from home and the absence of supervision are two reasons to increase the probability of clicking on these links, without the personal employee estimating the possibility of a virus in the link.
These vulnerabilities allow cybercriminals prosperity at the expense of organizations in various sectors. With staff spread out of the office, pinpointing and protecting the source of the data breach has become more difficult for IT staff, who must now manage the situation remotely. But amid these risks, business leaders cannot stop their hybrid business models.
In light of the continuation of remote work, can cybersecurity threats be reduced?
Abi Najm explained that nothing in the field of cyber security is 100% safe, referring to large technology companies, such as “Meta”, “Microsoft” and “Apple”, which continue to be hacked despite their large budgets and all the measures they take.
However, he mentioned that institutions can take measures, update their policies and rules, give instructions to employees and ensure their implementation, in a way that helps reduce the possibility of intrusion; For example, the administration can prevent employees from using WiFi cafes, or emphasize that the computer is not left unattended, and this is called “building an interconnected cyber security network” (Building cybersecurity ecosystem). Therefore, it is not necessary for everyone to be an information security professional to know their role in protecting the company’s electronic security.When everyone understands their responsibility towards cyber security, it becomes difficult to fall victim to an attack. But “attacks are much more difficult to control while operating remotely.”
The flexibility that telecommuting offers can increase employee productivity, satisfaction and fairness, but information security professionals shouldn’t wait for working from home to become a trend. and appreciate”Forbes70% of the workforce will work from home at least five days a month by 2025.
However, corporate leaders should not view hybrid work as cybersecurity death, but rather as an opportunity for IT growth.