Will we see an increase in cyber attacks as more businesses return to the office?
Chris Hodson, CISO at Tanium, says YES
Cyber criminals exploited business disruption in the rush to get workers set up from home in March. Our research saw a 92 per cent spike in attacks targeted at companies in the first two months of lockdown, and they’ll respond again as offices fill up.
These distributed workforces — where some staff work from home and some in the office — will cause even more headaches for IT teams.
The problem is that most organisations still struggle to fully understand how their staff are accessing sensitive business information. Vulnerability management is vital for organisations to prioritise possible threats and to minimise risk — but you can only manage what you can see. Lockdown exacerbated these issues, as we saw an increase in employees using personal devices to access company data. But this lack of full visibility is an issue as we move back to “normal” ways of working — and hackers know this all too well now.
This situation will continue to present a problem until businesses understand that a hacker just needs one unsecured laptop or mobile to disrupt a whole company.
Rich Turner, SVP EMEA at CyberArk, says NO
We shouldn’t automatically expect cyber attacks to increase as workers return to the office, though of course they trend upwards over time. The cyber habits of remote workers contributed to raised threat levels during lockdown, with hackers using social engineering attacks like phishing successfully. Corporate networks are also better defended than employees’ own home networks, and the diminished reliance on VPNs for security and access will reduce the remote working threat.
The danger is that employees assume they’re returning to a completely secure environment. Many businesses are making the transition in phases, and providing access to information and assets from both within and without corporate networks is challenging.
Addressing this requires an identity-driven approach to security which applies the right level of authentication and security controls to individuals based on their role, what they need to access, and how long they need to access it for.
This will be vital in order to stop attackers gaining privileged access to critical data and assets.
Main image credit: Getty