TRENDING:

Governance & Risk Management , Remote Workforce

Work-at-Home: The Impact on Security

Survey Sizes Up Increased Risks, New Duties for Security Staff Akshaya Asokan (asokan_akshaya) • May 1, 2020    
Work-at-Home: The Impact on Security
Some security pros say cybersecurity incidents have increased since the shift to working at home.

The shift to working at home is opening the door to cybersecurity incidents. Some 23% of respondents to a small survey conducted by the training organization International Information System Security Certification Consortium - also known as (ISC)2 - say their organization has experienced an increase in cybersecurity incidents since transitioning to remote work.

See Also: Modern Security for Your Hybrid Workforce

"COVID-19 hit us with all the necessary ingredients to fuel cybercrime: 100% work from home before most organizations were really ready; chaos caused by technical issues plaguing workers not used to [work from home] … temptation to visit unverified websites in search of up-to-the-minute information; and remote-workforce technology supported by vendors driven by 'new feature time to market' and NOT security," one respondent to the (ISC)2 study notes.

Shifting Priorities

The (ISC)2 survey, based on responses from 256 cybersecurity professionals worldwide, is intended to offer a snapshot of how priorities have changed over the last two months.

Almost half of the security pros surveyed report that they have been shifted away from security duties and reassigned to IT duties over the last two months.

Of those that have been reassigned to IT duties, about 30% report that their organizations have seen an increase in security incidents over the last several weeks.

Organizations are asking their security teams to be creative in order to keep the workforce secure during this time, which means additional opportunities for the security team, the (ISC)2 report states.

"Security professionals are suddenly looked at as creative problem solvers and risk reducers in ways management never intended," Erik von Geldern, the CISO of FXCM, a British-based trading firm, said about the (ISC)2 survey results.

Fraudsters Adapt to Conditions

Security firm Kaspersky reported this week that attackers are taking advantage of the remote workforce to target devices using remote desktop protocol connections to gain access to corporate networks (see: RDP Brute-Force Attacks Rise During COVID-19 Crisis: Report).

And U.S. and U.K. law enforcement and government cybersecurity experts have warned that cybercrime groups and nation-state hacking gangs will continue to exploit the COVID-19 pandemic to further their own aims (see: UK and US Security Agencies Sound COVID-19 Threat Alert).

Previous
Phishing Campaigns Target Senior Executives via Office 365
Next
Account Takeovers: Why Fraud Losses Are Growing

About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.



Around the Network

Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.