Cyber threats are on the rise as more people work from home during pandemic
Cyber threats are growing amid the coronavirus pandemic, with
online security experts warning that phishing scams are exploiting heightened
fears among consumers and organizations. With the issue of personnel
non-compliance, employee mistakes can occur when well-intentioned people get
tricked by a phishing email, or misconfigure an application for cloud computing
thinking they have turned on encryption or a proper level of data protection
either by mistake or lack of familiarity. As things stand, people who normally
work from home are probably already be vigilant about security concerns.
However, those new to it may not have the best security practices. The
vulnerability and risks grow with employees who don’t have a good work from
home set up and need to rapidly deploy a set of tools to work remotely.
Under present WFH scenario many Insecure assets present in
at-home environments amid execution of COVID-19 BCP plans.
Many company devices were deployed into a WFH situation
quickly, leaving little time to ensure that they would be secure via a VPN or
other means.
The Assets left unsecured- An
intentional decision to make devices less secure to allow for work from home
(WFH) use. One example would involve removing admin permissions so that
employees can complete the task without administrator oversight. Another would
be allowing the use of “unpatched” business computers that allow hackers to
load malicious files with admin privileges.
In
some cases, companies with high-end virtual private networks (VPNs) pre-loaded
on business computers are allowing people to work from home on personal devices
either with no VPN or with a lower-end virtual private network that may be less
hacker resistant.
The concern: The more corporate assets that you have, the
higher risk of intrusion. Each asset becomes a doorway or entry point for a
breach, particularly when it (or its user) are under prepared. IT Asset Managers
help with this by providing the data necessary for corporate security teams to
know what exists, where it exists, and what is on the device.
Security teams now must find
ways to operate effectively in the new remote reality.
If
managing a security operations center (SOC) under normal conditions isn't hard
enough, adjusting operations during the COVID-19 crisis has been particularly
hard on those who run information security operations centers.
In
addition to focusing on the health and safety of their team members, some of
the best practices involve re-deploying
people where they're needed most, continuously upgrading skills, and fostering
a security-supportive culture.
Post a Comment