LinkedIn
Facebook
Twitter
Whatsapp
Telegram
Copy link

With COVID-19 forcing companies to implement work-from-home policies, Jim Fitzsimmons helps us understand the cybersecurity risks posed by a remote workforce

The COVID-19 pandemic has forced organizations around the world to implement working from home. The challenges of this new working pattern include a loss of productivity, social isolation, and the complications of managing the abrupt mix of home and work life.

Companies and people are adjusting and becoming accustomed to these circumstances. But this new working model owes more to a mobile consumer culture than to conventional enterprise information technology (IT). Many companies have quickly adopted cloudbased productivity tools (such as Microsoft’s cloud-based Office 365 solution) to support a suddenly remote workforce.

In the rush to adapt, however, companies have become increasingly concerned about the overall cybersecurity of this approach to working. For many years cybersecurity was based on a perimeter security model: Protecting an organization’s information and computers was predicated on isolating them from external access. Computers could connect to the internet on the “outside”, but, in principle, no connections from the outside were let in. But when everyone is working from home, they are all on the “outside”, and this old security model is poorly suited to a mobile workforce.

Companies look at how they work today – individually at home, connected via apps, sharing data and video conferencing – and they are unsure of their cybersecurity risks. Is the cybersecurity risk higher when working from home?

THE ATTACKERS

To understand the risks of working from home, it is important to understand the threats, and the underlying actors.

Motivated, well-resourced attackers specifically targeting an organization are the most acute threat. Nation states have the hacking talent, software development capability and the funds to mount complex espionage campaigns. Meanwhile, sophisticated cybercriminals who steal information for sale, or on the behalf of another organization, are almost as well-resourced and capable.

You must be a subscribersubscribersubscribersubscriber to read this content, please subscribesubscribesubscribesubscribe today.

For group subscribers, please click here to access.
Interested in group subscription? Please contact us.

你需要登录去解锁本文内容。欢迎注册账号。如果想阅读月刊所有文章,欢迎成为我们的订阅会员成为我们的订阅会员

已有集团订阅,可点击此处继续浏览。
如对集团订阅感兴趣,请联络我们

Jim Fitzsimmons is the director of cyber consulting at Control Risks, a global risk and strategic consulting firm specializing in political, security and integrity risk.

LinkedIn
Facebook
Twitter
Whatsapp
Telegram
Copy link