Remote working demands tighter security solutions

As interest in Covid-19 vaccine-related information reaches an all-time high, cybercriminals are seizing the opportunity to increasingly target users working in a remote environment, in an effort to compromise company networks, experts said at Khaleej Times’ Remote Workforce Summit 2021.

Speaking on the second day of the virtual event, Nicolai Solling, chief technology officer at Help AG, the cybersecurity arm of Etisalat Digital, highlighted how the new normal has presented new challenges for cybersecurity players.

“The new office is not really an office in the way that you knew before; it could be your home, your kitchen, or your library,” he said. “There are specific drivers that everybody has to be aware about when it comes to the changes in our lives right now. Organisations have to understand how to protect the remote workforce. Secure connectivity is important, as is the accelerated adoption of cloud.”

He also revealed that the new normal has resulted in increased risks to data privacy and data security. “The Covid-19 pandemic has been the perfect stop for cyber attackers, and there has been an explosion of cyberattacks. When Covid-19 happened, initially, people did not know a lot about it and were trying to find out more about what was happening. It was very easy to be tricked into clicking a suspicious link that promised information about the pandemic. These attacks have continued since the early days of the pandemic, and have morphed into a third wave that revolve around information about vaccines and vaccine distribution.”

During the initial months of Covid-19, Help AG's security analysts witnessed a 183 per cent jump in threat alerts related to data exposure. Data leakage refers to the intentional or unintentional exposure of confidential documents, corporate e-mails, and documents with sensitive metadata on official channels of an organisation and the dark web for subsequent unauthorized use and exploitation for malicious purposes. The alarming increase was identified as a result of continuous monitoring of documents and file repositories on information sharing platforms, official portals of organisations, and the dark web through Help AG's Digital Risk Protection service. The top impacted sectors included healthcare, government, aviation, logistics, retail, energy, and utilities.

A big challenge for organisations today, Solling said, is that before, there used to be one single place where they could enforce security. However, security now has to be distributed across various locations due to remote working. “Applications and services have also changed significantly, historically our applications and would be sitting in data centres and there would be a lot of attacks concentreated there. But, with a lot of applications and services moving to the cloud, which has better and safer security, the attackers are changing focus. They are now targeting users to get their hands on data.”

Ghinwa Baradhi, chief information officer for the Menat region at HSBC, noted that organisations have been “pushed out of their comfort zone” and forced to adapt to the new circumstances.

“The top three trends that we are witnessesing today revolve around the increase of disruptive technologies, the role played by technology itself, and global workforce trends,” she said. “As technology becomes increasingly important, a large part of an organisation’s success depends on how the CIO reacts.”

Technology, she pointed out, has to drive business. “Have a tech-forward business strategy and identify where the value lies. However, before that you have to work on having the right mindset when it comes to tackling challenges. Remember, you can’t generalize an approach or a strategy; you have to find a solution that works for you. Lastly, organisations have to be agile in their response, otherwise they will be left behind.”

rohma@khaleejtimes.com