Adenike Cosgrove, Director International Product Marketing at Proofpoint, reflects on the need to rethink cybersecurity in the transition to hybrid work.
Many organizations globally are planning for their workforce to return to the office. Some workers have already returned, while others are still operating remotely.
Whatever the situation, cybersecurity teams face a new and complex challenge: how do they protect their organization and employees as they transition to hybrid work?
Before delving into the security challenges related to returning to the office, there were numerous discussions on the implications of managing remote work.
Employees around the world have faced a multitude of security issues, but now they’re potentially ready to head back to the office.
As with cybersecurity training, the language to be used should be carefully chosen, which is why we’re discussing ‘hybrid’ work models, as opposed to what would be a simple “return to work”.
One thing is certain, there is no one-size-fits-all approach.
When you look at the large-scale breaches of the past couple of months, you have an indication of the attacks taking place in these hybrid environments, when employees globally are spread across the office and home. The result of switching to hybrid work can be catastrophic.
We’re seeing systems that have long been disconnected from the solid security of the corporate network now being reconnected once more.
Along with all this, the controls previously in place in the office to prevent the abuse of personal devices were essentially deleted throughout the remote working period. And these devices are now making their way back into the corporate network, with significant security implications.
And this is just the tip of the iceberg.
Employee behaviors have changed, including their way of collaborating. Moreover, teams have been enriched with new unknown faces, perhaps hired during the pandemic.
What should cybersecurity managers prioritize while making the transition to hybrid work?
Verifying network device settings
Employees have been working on personal devices for more than a year, while also connecting corporate devices to home networks.
This means managing back-to-office vulnerabilities is a key task.
Cybersecurity teams need to ensure that all the devices returning to the corporate network are “clean”. They must also analyze their security systems to ensure that employees aren’t introducing potential malware that could compromise systems.
Making the transition to hybrid work requires a real effort in managing, controlling and reconfiguring resources, as well as making sure all devices are patched and up to date.
Many people actually don’t even restart their PCs, which is why seemingly basic actions like this are essential.
Evaluating and responding to changes in employee behavior
Most people have now worked outside traditional corporate boundaries for an extended period of time, resulting in a natural change in behavior.
Aside from wearing pajama bottoms during Zoom calls and sending emails from the couch, many employees’ safety behaviors have likely become far more lax with the transition to hybrid work.
These potentially risky new ways of acting require new training efforts.
People have built new cultures and ways of working, and so in this shift to hybrid work security teams need to reinforce the message regarding what is deemed “positive” behavior, empowering it with safety training and awareness that fits all newly adopted approaches.
Previous messages also need to be strengthened to allow people to get used to the security regulations within the corporate network.
In addition to the potentially risky behaviors that organizations should try to eliminate, there are others that should continue to be encouraged, such as collaboration, for example,
The shift to remote work has forced employees to find new ways to collaborate with each other, with suppliers, with partners, or with customers.
This has proven hugely successful for organizations in terms of business continuity – but how can it be done on an ongoing basis safely while transitioning to hybrid work?
Email remains the main business channel, but people have increasingly started using different communication services for video calls or chats.
Many employees may have downloaded new applications that aren’t usually used in daily activities.
This will continue to pose a major safety challenge as the transition to hybrid work accelerates.
Cybercriminals are opportunistic and all too aware that collaboration tools can be an effective channel for spreading malware across the enterprise in a hybrid workplace.
Organizations need to be aware of all the new channels, , and services that are being used, precisely because they’re potential new attack vectors.
We must not block systems and prohibit this way of working, but be aware of it and protect them in the most appropriate way.
The main target of threats
Regardless of the workplace, one element remains the same: people are the main target.
Verizon’s latest Data Breach Investigations Report proves it.
Last year, the main technique used in cyberattacks was phishing (36%), with 85% of the breaches profiled requiring human interaction.
With the transition to hybrid work, cybercriminals will continue to use carefully crafted phishing attacks to target employees, as they know that one click can be all it takes to succeed – regardless of whether the employee is in the office, at home, or in movement.
They also realized that credentials are the new crown jewels, providing access to data that is increasingly moving to the cloud.
61% of all breaches last year involved credential exploitation.
New faces, new threats
Last, but not least, is the risk that newly introduced employees present during transition to hybrid work.
First, the new resources represent attractive targets for social engineering and phishing attempts.
They haven’t been introduced to many colleagues yet. Perhaps, too, they haven’t had the same corporate security training and will be eager to please others.
Additionally, there’s the challenge of physical security threats.
With many new people hired during the pandemic, without having met any live team members, no one is likely to recognize the new faces in the office.
This opens up the opportunity for unauthorized visitors to sneak into the office and cause a potential increased security risk.
There is no one-size-fits-all solution
The security challenges faced in returning to the office are “hybrid” and there’s certainly no one-size-fits-all solution.
As they transition to hybrid work, organizations can protect users and improve their defenses by modifying security controls to address how they operate today.
Today, preventing accidents involves strengthening defenses on three specific, different, interrelated aspects: people, processes, and technology, all within a people-centered security strategy.
Companies need to assume that someone inside will always click, thus defining a security strategy that first of all protects people.
It’s imperative that organizations ensure employees assess user vulnerability and threat training as they transition to hybrid work, providing them with valid skills required to protect themselves in both the office and home.
This article has been written in collaboration with BitMAT.