Maksim Kabakou - Fotolia
Security Think Tank: There’s much more to do to secure hybrid workers
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months
For security teams, 2020 was all about firefighting. They rushed to ensure employees could work from home securely during the first few months of the pandemic, investing in VPNs and video-conferencing and collaboration solutions. Most took a short-term approach, bridging the gaps for now and planning to eventually return to the office once things settled back down.
However, 2021 was the year of long-term thinking for securing a hybrid workforce. By the beginning of the year, many organisations had realised that hybrid working was here to stay, and a study by McKinsey reported that an overwhelming 90% of global organisations planned to combine remote and office working permanently after the pandemic.
As a result, security teams spent 2021 focusing on a longer-term approach to hybrid working and filling the security gaps that arose from hastily adopted solutions that were rushed into place in March and April 2020. For some organisations, security became a bigger priority than before, with increased investment and strategic importance for the C-suite.
With this, we have seen increased emphasis on solving the issue of insider risk, which has been exacerbated by long-term remote work. Our own research at Egress found that 94% of organisations suffered a data breach caused by an insider in the past year, and human error was the leading cause, with 84% of those surveyed reporting a breach caused by a mistake.
Rule-breaking was also a big problem, with three-quarters of organisations experiencing data breaches caused by employees bending the rules. For IT teams, insider risk was revealed to be intrinsically tied to hybrid working, and in 2021 it was a key element of long-term plans to secure the workforce.
For many security leaders, putting in place additional technology to protect employees and systems from external threat actors was also a key priority in 2021. Remote organisations found themselves at increased risk of malicious attacks, with threat actors taking advantage of bring your own device (BYOD), vulnerable home Wi-Fi and people working at arm’s length from their security teams.
We found that three-quarters of organisations have been victims of successful phishing attacks in the past year. With phishing also comes increased risk of ransomware, which made headlines across the world in 2021. Ransomware continues to be a profitable endeavour for cyber criminals, and many security teams learned that to reduce this risk, they needed to protect their remote people.
But 2021 was not just about implementing new protocols and technology to protect hybrid work – it was also about improving existing ones. Solutions implemented in 2020 were workable – they just weren’t necessarily as secure as they needed to be. Business needs better security processes, as organisations adapted to operate (or just keep the lights on) in the new normal. As organisations have matured their hybrid work strategy, security teams have found themselves uncovering and auditing new data flows and addressing previously hidden risks.
This “consumer first” adoption of technology by employees has also driven improvements in pre-pandemic solutions. After a year of working from home, people have continued to push back on security that makes their lives difficult. Frustrated by the friction they impose, there has been pushback on legacy, typically static, security systems in favour of those that use intelligent technologies that augment people’s working behaviours to help them maintain productivity and work securely.
The reality is that many organisations will end 2021 with stronger security foundations than they had at the beginning of the year, but as security teams well know, hybrid working presents new risks, and there is always more that can be done. Threat actors will continue to work on new and increasingly sophisticated ways to target remote workers, which they see as the weak spot in any organisation. Also, people will always make mistakes and break the rules.
Working in cyber security is to be continually learning and adapting. After the upheaval of 2020, security teams were able to take a more long-term approach to securing a hybrid workforce in 2021. Hybrid work is set to continue in the years to come, and security teams will be faced with new threats as we move into 2022. The learnings and progress made in 2021 will help them to tackle these evolving risks.
Jack Chapman is vice-president of threat intelligence at Egress
Security Think Tank Christmas special: 2021 in cyber
- Redseal’s Mike Lloyd reflects on how ‘anti-human’ approaches to aspects of security, particularly programming languages, are setting us up for problems.
- PA Consulting’s Cate Pye says security teams need to focus more on people, processes and systems, if they are to ward off cyber attacks in the ‘new normal’.
- The infamous SolarWinds attack may have technically happened in 2020, but it ensured that in 2021, supply chain attacks were top of everyone’s agenda, as Airbus Cybersecurity’s Paddy Francis reflects.
- The biggest issues faced by IT teams this year ultimately boil down to a lack of appropriate resources and documentation, argues Petra Wenham of the BCS.