Return to the Office Part 1: How COVID-19 Has Transformed Cyber Security Forever
In Part One of our series, we explore how COVID-19 has changed cyber security, and what the long-term effects will be.
The COVID-19 pandemic accelerated business changes and how organizations operate on a daily basis. It also led many organizations to review their technology infrastructure and cyber security practices, as employees transitioned to work-from-home, bring-your-own-device, and hybrid work set-ups.
In the cyber security world, an accelerated digital transformation certainly can be seen as a positive, but it must be done in a manner that protects the organization and all end users. In many ways, COVID-19 has transformed cyber security forever, as temporary actions now have become permanent strategies.
What exactly is the “new normal”, and what cyber risk and mitigation measures can a business take to protect themselves? Here are some of the ways COVID-19 has changed the way we think about cyber security.
Work From Home: Here to Stay
There’s a case to be made for an increase in Cloud-based cyber security services, due in part to the number of people working from home. Many will continue to work from home for years to come. According to a survey by Tessian, 47% of people working in the technology industry reported clicking on a phishing email at work. And, 43% of people reported making an error that had security repercussions.
Without the protection of firewalls in the office, many end users are seeing an increase in cyber attacks. If a home Wi-Fi network doesn’t have proper security protocols in place, this can also lead to security concerns. The increase in BYOD (bring-your-own-device) has led to new concerns, as well. As more employees use personal laptops, phones, and other devices to access sensitive corporate information and other important data, it can leave organizations at risk.
Hackers will continue to adapt and develop new malware to breach systems. Businesses must be prepared to support a global workforce regardless of where and what device the end user logs on from.
More Training: A Must
Going hand-in-hand with the move from the office to the living room, it’s clear that more training than ever is needed to protect end users and the organization as a whole. As has been said in recent years, human error is every organization’s biggest cyber security threat.
Pre-pandemic, employees may have provided access to files or information to those who should not have had access. Or, a USB drive may have “accidentally” come from the office to the home and back again, not properly protected, putting critical information at risk.
IT systems must continue to adapt to workplace changes as more people work from home. Single-sign on and multi-factor authentication can be solutions, but training should be a valued piece of the process, too. Providing training for employees on phishing attacks and breaches can help them better understand the current cyber landscape.
The Cloud: No Longer an Option, But a Necessity
Organizations tend to purchase security tools they believe are doing the job. However, these tools aren’t always talking to each other, which can actually hamper the implementation of a comprehensive business cyber security plan.
Adding new tools may end up having an undesired effect, which hackers understand and look to exploit. If gaps exist between tools and weaknesses are found, breaches can (and likely will) occur. Plus, if vendors make upgrades while organizations don’t follow, security issues may increase.
On-premise solutions served organizations well for years, but the Cloud is built on the promise of scalability and adaptability. The Cloud provides a level of security not found in on-premises solutions, and helps streamline software, so no tool is left behind.
Thrive is here to be your partner in cyber security. Contact us to learn more about our services today!