Navigating remote working cyber risk
According to the Australian Bureau of Statistics (ABS), 22% of businesses in Australia experienced a cyber attack in the 2021–22 financial year — a nearly twofold increase on 2019–20, when one in 10 businesses were affected. With the rise of hybrid working models, what can companies do to reconcile security and flexibility?
The more complex and decentralised a company’s IT structure becomes, the more vulnerabilities there are to serve as attractive gateways for cybercriminals. Attacks have been on the rise since the late 2010s, coinciding with the accelerated adoption of digital storage and cloud computing. When the pandemic hit and there was a sudden need to ensure employee wellbeing, companies swiftly embraced remote work options, often prioritising speed over security. Despite a return to relative normality, the working landscape has been forever changed.
Managing risks in decentralised work
A recent Trend Micro Australia study found that four out of five Australian businesses expect to be hacked, with business owners seeking alternative means to protect their data. Moving forward means shifting attention to more proactive measures, and organisations should concentrate on fortifying security protocols and promoting best practices for safeguarding sensitive information.
Delivering fast and secure remote work set-ups, conducting regular security training and adopting robust encryption strategies are all essential to mitigating risk. According to the 2023 Thales Cloud Security Study, human error is the leading cause of cloud data breaches in Australia, making it important to devise a strategy that focuses on the greatest risk area — people.
Data from the ABS show that very few organisations offer regular cybersecurity training for employees, increasing the likelihood of behaviours that exacerbate security risk. When combined with remote working, the problem intensifies. For all the benefits that a hybrid working model delivers, connecting devices to unsecured Wi-Fi networks can be a recipe for disaster and a boon to cybercriminals.
Four pillars for more security
Focusing on the following key areas will help organisations deliver a more secure IT environment.
1. The “least privilege” principle: To protect sensitive information, IT and HR managers can limit user access to files and other resources, based on position. Rather than being an exercise in exclusion or broad denial of information, granting access on a ‘need to know’ basis helps limit potential points of entry. Various levels are possible, including read-only access.
2. Secure SSO login methods: SSO — or single sign-on — is an authentication method that allows users to securely log in to multiple locations and tools. Rather than requiring login data to be entered in multiple places, it relies on identity data in the form of tokens that facilitate and simplify comprehensive employee authentication. This saves time and removes the need to remember multiple passwords, which can be cracked by criminals and used to take over individual accounts, leading to further damage.
3. Zero trust security architecture: Enforcing continuous re-authentication and identity verification via multiple authentication factors denies implicit trust to network and infrastructure users. When coupled with the least privilege principle, users and devices are only granted access to the specific resources they need. Access is additionally verified and authenticated at every step, regardless of location or network. This technique significantly reduces the organisation’s attack surface and makes it substantially harder for threat actors to enter.
4. Regular training: When a workforce is dispersed, important cybersecurity control mechanisms are inherently missing. That is by no means a reason to call everyone back to a central location, but it does create a need for regular cyber safety training. Users must be constantly reminded of the risks arising from weak passwords, phishing emails and unsecured Wi-Fi, for example, and they should also be provided with up-to-date information on the latest hacking methods. Training and communication are essential in remote or hybrid work models, as people are — and will remain — the weakest security link.
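The first three pillars can be combined into a single access decision that is evaluated on every request. The sketch below is an added example, not code from the article; the roles, resources, 15-minute re-authentication window and managed-device check are assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Constructed policy: role -> {resource: highest level granted}.
# Anything not listed is denied (least privilege, default deny).
POLICY = {
    "hr_manager": {"payroll": "write", "staff_records": "write"},
    "analyst": {"payroll": "read", "sales_reports": "read"},
}
LEVELS = {"read": 1, "write": 2}
MAX_AUTH_AGE_S = 15 * 60  # assumed re-authentication window


@dataclass
class Request:
    role: str
    resource: str
    action: str           # "read" or "write"
    mfa_verified: bool    # a second factor was checked for this session
    auth_time: float      # epoch seconds of the last authentication
    device_managed: bool  # assumed device posture signal
    source_network: str   # logged only; location never grants trust


def decide(req: Request, now: float) -> tuple[bool, str]:
    """Return (allowed, reason); deny unless every check passes."""
    # Zero trust: verify identity and device on each request. The
    # source network is deliberately not consulted.
    if not req.mfa_verified:
        return False, "mfa_required"
    if not 0 <= now - req.auth_time <= MAX_AUTH_AGE_S:
        return False, "reauthentication_required"
    if not req.device_managed:
        return False, "unmanaged_device"
    # Least privilege: compare the requested level with the grant.
    granted = POLICY.get(req.role, {}).get(req.resource)
    if granted is None:
        return False, "no_grant_for_resource"
    if req.action not in LEVELS:
        return False, "unknown_action"
    if LEVELS[req.action] > LEVELS[granted]:
        return False, "read_only_access"
    return True, "allowed"
```

Returning a reason alongside the decision gives the security team a field to log and alert on, for example repeated `read_only_access` denials for one account.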
Organisations must take responsibility
In the event of a cyber attack, it’s important to know how to react — both internally and externally. Identifying the breach location, securing systems and disabling remote access are among the first steps, but there is a wealth of information that needs to be gathered and communicated.
When did the breach occur? What system or process failures made it possible? Has the situation been remedied? If so, how and when? What type of data was compromised? What measures are in place to avoid future incidents? Addressing all of these points for internal and external stakeholders is essential to maintaining trust, while being transparent about risks.
It’s particularly important to acknowledge and communicate staff involvement, using the incident to better educate employees on the dangers and ramifications. No one willingly takes cybersecurity risks, with a lack of understanding more likely to be the cause of a breach. Regularly reassessing staff training and education programs should be a part of your security strategy.
Regardless of employee location, continual investment into appropriate security infrastructure is imperative — but safeguarding data and maintaining operational resilience depends on an educated and capable workforce that behaves in a way that minimises cyber risk.