US operator Verizon has put out a report claiming the prevailing cultural trend towards remote remotely has adversely affected organisations’ cybersecurity.
As the world locked down at the outbreak of the coronavirus, anyone that worked on a computer found themselves earning their crust from wherever they could at home, some having to learn to do so for the first time. The lockdowns have gone, but the trend towards working from home has lingered. Its hard to know specifically, but it feels like most office based firms have now adopted a hybrid if not an entirely remote approach.
The reasons for this will depend on who you ask, but it is arguable that since the technology that enables remote video meetings and collaboration on the cloud was clearly already there, the lockdowns acted as an accelerant to what might have been how businesses evolved anyway. However the shift in working culture may have brought with it some extra security vulnerabilities, at least according to Verizon’s latest Mobile Security Index, a survey of security professionals.
The report asserts that with an increase in hours, locations and devices comes an increase in vulnerability for companies, and that there has been 22% rise in major cyberattacks in the last year involving a mobile/IoT device. As the number of devices in play and remote workers continues to rise, 79% of respondents said that ‘the recent changes to working practices have adversely affected their organizations’ cybersecurity.’
85% said home wi-fi and mobile networks/hotspots are allowed at their firm or there is no policy against them, and 68% allow or have no policy against the use of public wi-fi – the implication being all these things are less safe than office connections, though it’s hard to work remotely without using one of those options. Meanwhile 52% of respondents said they have previously sacrificed the security of mobile devices to ‘get the job done’ – presumably after being reassured of the anonymity of their responses.
“For businesses – regardless of industry, size, or location on a map – downtime is money lost,” said Sampath Sowmyanarayan, CEO, Verizon Business. “Compromised data is trust lost, and those moments, although not insurmountable, are tough to rebound from. Companies need to dedicate time and budget on their security architecture, especially when it comes to off-premise devices: otherwise they are leaving themselves vulnerable to cyber-threat actors.”
You could probably argue that in a time of necessity, such when a government declares it illegal for your staff to come into the office, things such as IT security might slither down the priority list somewhat as you just try to keep the wheels spinning. However what is apparent a couple of years later is that it’s probably going to be rare for a workforce to be entirely operating out of an office ever again, which leaves out all the extra layers of security you can rely on when staff are not logging on with who knows what, who knows where. But that is the ‘new normal’ as people insist on saying, so security professionals around the world are going to have to adapt or breaches will presumably continue to rise.