With so many employees going remote, the year 2020 initiated one of the biggest shifts in work culture since the creation of the Internet. While telecommuting and remote work had become increasingly accepted over the last decade, the COVID-19 pandemic accelerated this trend and made remote work mainstream. Many job functions once performed in-person are now being carried out entirely remotely. However, as more organizations are supporting remote work, they face heightened concerns around protecting critical company assets against cyber vulnerabilities and threats.
To help us understand these threats and how organizations have reacted, we talked with South University’s online Information Systems & Technology Department Chair, Mourad Oulid-Aissa, PhD, CISSP. Below is some of what he shared.
Increased Security Risks for Remote Workforce
Protecting information systems and technology infrastructure gets a lot more complicated when part or all of an organization's workforce is remote. Remote workforces experience a higher risk for phishing attacks, unapproved data storage, password sharing, and non-secure device and internet usage.
Cybercriminals are aware of these security challenges, and cybercrime has skyrocketed during the pandemic. Complaints filed with the FBI have increased from 1,000 per day to 3,000-4,000 per day. If cybercriminals successfully identify and exploit an organization’s vulnerabilities, company knowledge, facts, data, processes, intellectual property, software, and hardware could be compromised. Resulting systems and technology malfunctions could slow or entirely halt incoming revenue for organizations. Costly fines, business disruption, and loss of customer trust are also serious concerns, especially if sensitive data (like Social Security numbers or credit card information) is breached.
5 Steps to Improving Organizational Cybersecurity
With the risks facing remote workforces, it is vital that organizations reassess the security measures protecting information systems and technology infrastructure. Now is the time to find potential vulnerabilities, consider possible threats and determine the risk facing critical assets. Key areas to focus on include:
- Unauthorized disclosures of information (to protect confidentiality)
- Unauthorized or unexpected modifications of information (to protect integrity)
- Denial of Service (DoS) attacks that disrupt the accessibility and function of important services (to protect availability).
After assessing the current state, an organization can then devise and deploy security controls to mitigate all identified risks in each area. Below are some of the steps that Dr. Oulid-Aissa recommends.
1. Evaluate safeguards for critical areas
If any critical infrastructure area is left unsecured, a cybercriminal could gain unauthorized access and launch a cyber-attack. For this reason, cybersecurity teams should check the completeness and quality of:
- Data-movement monitoring capabilities for incoming and outgoing data
- Software and hardware systems that enable secure remote work communications
- Networking and server infrastructure that are essential to remote-work services
- Network services accessible to remote workers
- Applications and tools available to remote workers from laptops and other devices.
2. Examine infrastructure performance and reliability
An organization's infrastructure must be able to support the processing load, throughput and communication bandwidth required to accommodate a remote workforce. This requires carefully examining all secure-communication network elements, devices, and applications, such as firewalls, intrusion prevention and detection systems (IPS/IDS), virtual private networks (VPNs), and software-defined networks (SDNs). If these components cannot support the high-end load, throughput, or bandwidth requirements, a cybercriminal could more easily exploit the applications or network protocols to disrupt business processes and services.
3. Educate workers on cybersecurity best practices
If employees don’t know to watch for phishing attacks in their email and text messages, they may be more likely to click on a link or open an attachment that they should avoid. Likewise, users may not be taking appropriate measures to protect their access credentials or classified company or client data. To help them stay vigilant and protect the entire organization, all team members should be reminded of cybersecurity best practices and what risks to look out for. For example, make sure they know to avoid public Wi-Fi, choose strong passwords, use secure file sharing platforms, and report any suspicious messages.
4. Assess the capability of monitoring and analyzing incoming and outgoing data flows
Every organization needs to know what data is flowing between its systems and its remote workforce. Typical data analysis devices include firewalls and network-based and host-based intrusion detection and prevention systems (IDS/IPS). If an organization does not have enough visibility into its incoming and outgoing data flows, malicious actors may be able to masquerade as legitimate users. Likewise, a remote worker could unknowingly transmit malware into the organization’s network.
5. Determine the team’s readiness to respond to cybersecurity incidents
If an organization doesn’t have predefined incident response processes and resources, a cybersecurity event may not be contained and fixed in a timely manner. This could lead to prolonged system-wide outages and require increased staff involvement and monetary investment to address the initial incident. Organizations should plan ahead and audit their response processes to make sure they’re ready to react swiftly if an incident occurs.
Are you interested in cybersecurity?
Industry and government organizations need IT professionals who specialize in cybersecurity to operate, maintain, protect and defend their mission-critical assets. At South University, our Bachelor of Science in Information Technology ("IT") with a specialization in Cybersecurity program is designed to help prepare students for the growing need in this area.
To achieve direct relevance with in-demand skills, our program aligns with the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (CWF), a partnership between government, academia, and the private sector focused on cybersecurity education and workforce development. Several courses also align with certifications from prominent professional organizations, such as the International Information Systems Security Certification Consortium (ISC)² and the EC-Council. Throughout the program, students combine theoretical projects and hands-on practice using virtual labs and cyber gamification platforms. Upon graduating, students will be prepared to pursue a wide range of competitive roles in the cybersecurity job market.