COVID-19 Related Remote Working
Remote working and cyber resilience
The COVID-19 crisis will undoubtedly have a lasting effect on the way most businesses operate, with the working life and operational structures being forced to change dramatically. One of the most obvious changes caused by the COVID-19 pandemic has been the rise of remote working. This development, which came about due to the need to reduce physical contact and the spread of infection between people, will likely remain a feature of modern life even once the worst of the pandemic has passed.
A key reason for this changing dynamic is that COVID-19 has demonstrated to many businesses the benefits of virtual, online communication. Specifically, many businesses have seen how effective remote working can be, with well-functioning workforces operating smoothly regardless of the physical location of employees. Given this method of working is vastly less expensive than traditional office spaces, it's possible that many organizations will be reluctant to return as they will see offices as out of date and unnecessarily costly.
Unfortunately, this remote working revolution is intertwined with cyber resilience concerns, as the move creates certain threats. Many businesses are arguably more exposed than ever before, as they need to manage a digital workforce now working away from on-site environments. Cyber risk professionals must therefore remain aware of the effect of remote working on the overall cyber resilience level of their organization and help build resilience in response to the increased exposure.
One critical issue that risk professionals need to be aware of, is that as more people will be working remotely in the future, there will be less standardization between the computer systems and Wi-Fi networks employees are using to accomplish their roles. This change makes it more difficult for information security teams and risk managers to assess vulnerabilities and adopt mitigation strategies, since the digital footprint of an organization is now much larger than before. With a bigger digital footprint, there is greater potential for cyber threats as the attackers have more avenues to probe. In turn this could lead to employees being hacked, providing access to cyber criminals to exploit which could result in physical damage at a facility if the individual they target has access to a remotely controlled ICS, for example.
Another issue, caused by more people working from home, is the fact that many internal systems and VPNs may become overwhelmed by the increased number of users connecting from external sources at any one time. This strain on existing digital infrastructure can trigger significant vulnerabilities for an organization, while also impacting productivity. Systems that were designed to be accessed by a limited number of people now, and going forward, will need to be accessed by a lot more users, hence the need for additional capabilities. In this instance, not only does the bandwidth need to be bigger but security tools, like firewalls, need to be properly reviewed to see if they can deal with the larger amount of traffic causing latency and demanding additional processing power. Linking to the problems produced by a lack of standardization, different employees may be using a variety of different technologies which could result in integration challenges with existing infrastructure.
Business that properly account for these issues, adjusting to the new prevalence of remote working, are likely to be best able to champion cyber resilience both during the COVID-19 crisis and in a post-pandemic world.
For those organizations looking to build resilience, one simple step would be to initiate more security checks within IT systems. Businesses could follow a defense/defense in-depth approach, adding extra layers of security, with multiple defensive mechanisms put in place to thwart potential attacks and increase the security of the whole system. Digital checkpoints can be used to authorize the right people and prevent cyber criminals from accessing sensitive systems. This can be achieved with, for example, corporate laptops using specific controls like endpoint protection or multifactor-authentication not only for remote VPN-enabled access—each method adds a defensive layer to make sure the people with appropriate access can connect securely but also for privilege escalation, internet and mobile applications and more so for business partners connecting remotely. When everyone was working internally this was much easier to control, but the model changes when people are connected from the outside world.
Another area that organizations will need to consider when it comes to cyber resilience will be the importance of having an up-to-date crisis response plan. The pandemic has highlighted how unpredictable events, seemingly unrelated to cyber security, need to be properly accounted for going forward. As a baseline, organizations need to understand their exposure to cyber risk and which areas may need more attention. For example, does the organization have the right policies and procedures in place? Is the crisis plan regularly updated to account for any new potential scenarios? These questions need to be answered with an understanding of the business's critical processes, and how to properly protect them.
It is now clear that the COVID-19 pandemic will have a large influence on cyber resilience even as the worst of the pandemic passes. Although changes to operational structures were brought on out of necessity, it's likely that remote working will remain a common practice long after COVID-19 has become a less pressing issue. Cyber risk professionals will need to understand this trend as the responsibility will fall on them to ensure that the switch to more remote working isn't accompanied by increased cyber exposure. Initiating more stringent security measures in an effort to replicate the on-site security procedures in the home of each employee will go a long way to building cyber resilience. Clearly this is no small task, but it is one that risk professionals must adapt to, or risk seeing their organizations suffer in the new reality.
As originally published in Continuity Central.com.
Download FM Global's Cyber Pandemic Checklist
Related content:
COVID-19: A unique opportunity for cyber criminals
The Invisible Attackers Waiting at Your Industrial Systems Gate: Be Wary, Be Prepared, Stay Resilient
Uncover the Cost of Your Next Cyber Attack