- Security TWENTY
- Women in Security
Hackers went to town when the world went into lockdown, writes Chris Hodson, CISO at security software firm Tanium.
The onset of the pandemic was a global shock unlike anything seen before. Around the world, employers responded to government mandates by enforcing strict working from home (WFH) orders for staff, creating a distributed workforce on an unprecedented scale in an incredibly short timeframe with minimal preparation. While remote working was initiated to protect the health of employees, it inadvertently created new and unprecedented cybersecurity challenges for businesses – something most were unprepared for.
Even before the virus emerged, concern among IT leaders was growing with tool sprawl, shadow IT, and legacy tech creating a slew of security challenges. Not only did widespread remote working exacerbate these existing issues, it also created a host of new security challenges, allowing cyber criminals to run amok during a period of deep confusion and uncertainty for businesses.
From rosy perception to hard reality
Many of the issues that emerged at the start of lockdown resulted from business leaders considerably overestimating their preparedness for the security challenges that came with shifting to a distributed working environment. Our research found that 85 percent of business leaders thought they were prepared to manage the shift to widespread WFH. This confidence turned out to be ill-founded. Ninety-eight percent revealed that they faced security challenges in the transition away from the office.
At the same time organisations were grappling with the challenges of transition, cyber criminals were quick to take advantage of the chaos. Attacks increased by 30 percent as attackers sought to identify gaps in organisations’ security posture and stepped up the frequency of hack attempts.
Enterprise security gaps
Not only has a lack of preparedness hampered security efforts since the onset of the pandemic, gaps in organisational security have increased challenges too. With employees trying to stay on top of work without office resources, many have ended up connecting personal computing devices to the company’s corporate network and cloud services. This sudden rise of unknown devices presented IT security teams with increased risk. After all, a single missed computing device is a security and compliance violation waiting to happen.
Without holistic endpoint visibility, IT teams were unable to complete essential patch updates or ensure that sensitive data was secure. With personal devices presenting an ideal point for cyber criminals to gain entry, many leaders were unaware of just how significantly attacks on their organisation were increasing. Consequently, 45 percent of business leaders revealed that their organisation will now prohibit personal devices on the corporate network in an attempt to reduce the impact of BYOD.
Storing up problems
In some cases, the impact on security was dramatic, potentially exposing organisations to severe risks further down the road. For a quarter of business leaders, corporate vulnerability management, such as patching or scanning has been put on the back-burner since the pandemic. On top of this, 93 percent of businesses had to delay or cancel security priorities to accommodate the transition to remote working, perhaps not realising how significant the impact would be. The majority of businesses have, however, done a U-turn on this, with 69 percent making cybersecurity a priority going forward, ahead of minimising business disruption.
The way forward
The almost overnight transition to remote working forced changes for which many organisations were unprepared. It may have started with saturated VPN links and a struggle to remotely patch thousands of endpoints, but the rise in cyberattacks and critical vulnerabilities has made it apparent that we’re still far from an effective strategy for the new IT reality. Whether companies choose to permanently move their operations, return employees to the office, or some combination of both, it’s clear that the edge is now distributed. IT leaders need to incorporate resilience into their distributed workforce infrastructure if they’re going to manage the security challenges of this new world of work effectively.