How to combat cyber threats amid the shift to remote working

The coronavirus pandemic and resulting lockdown have taken a toll on organizations in many ways. But one stressor for IT and security workers around the world has been the abrupt and unexpected transition to a remote workforce. In a race to enable employees to work remotely as quickly as possible, IT departments may have put certain cybersecurity issues on the back burner.

SEE: How to work from home: IT pro’s guidebook to telecommuting and remote work (TechRepublic Premium) 

A report released Tuesday by change management software provider Netwrix describes the challenges and risks of security in a remote work environment and offers tips on how to combat them.

Based on a survey of more than 900 IT professionals around the world for its “2020 Cyber Threats Report,” Netwrix found a number of concerns in the area of cybersecurity. Although 39% of the respondents said they tightened their data security during the pandemic, 24% said they believe their organization is at greater risk in cybersecurity than before.

Some 60% of the respondents found new security gaps in their defenses as a result of the shift to remote working. Specifically, the overwhelming majority said they’re worried about their VPNs being exploited for malicious purposes. Many are concerned about misconfigurations in their cloud environments as well as the possibility of data theft by employees. And more than half said employees have been ignoring cybersecurity policies and guidelines.

A full 85% of the CISOs surveyed admitted that they sacrificed cybersecurity in the effort to enable employees to work remotely. In the end, some 63% of the respondents say they experienced an increase in the number of cyberattacks.

Almost half reported phishing attacks during the first three months of the pandemic, though most were able to detect the attack in minutes or hours. A quarter of the organizations were hit by ransomware or other types of malware attacks. Also discovered were accidental misconfigurations by IT admins and improper data sharing.

To help you protect your organization and remote workers from cyberattack, Netwrix offers the following advice:

• Provide regular user training on how to identify suspicious links and attachments and how to report them.
• Enable continuous IT auditing with alerts on signs of ransomware in progress, such as unusual spikes of activity across file repositories.
• Harden data access governance by revoking excessive access rights.
• Establish and rigorously enforce a least-privilege model.
• Utilize privileged access management (PAM) solutions to restrict admin activity.
• Automate change auditing across key IT systems to detect issues as they emerge.
• Conduct periodic reviews to spot any deviations in system configuration from a healthy baseline.

Included in the 937 technology professionals surveyed were IT and systems administrators, IT managers, CIOs and IT directors, CISOs, consultants, and IT audit officers. The survey elicited responses from professionals in North America, Europe, the Middle East, and Africa (EMEA), and Asia-Pacific (APAC).

Cybersecurity Insider Newsletter

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered Tuesdays and Thursdays

Sign up today

Also see