In New Era, Prevention a Vital Piece of Cybersecurity StrategyBy Claudio Martinelli | Thu, 02/10/2022 - 13:00
The last two years have transformed everything we took as “normal,” including the way we work: the 9-to-5 workdays, face-to-face meetings, business dress code and coffee breaks with colleagues. Instead, most people have had to adapt to working from home — until recently an occasional perk enjoyed by a few — as it became the new norm, quite literally, overnight.
However, few imagined that, two years after the COVID-19 outbreak, most office employees would still be working from home. Just as companies began to welcome staff back to the office, the omicron variant abruptly halted those plans, once again making working from home the safest option.
It is clear that, for many companies, remote work is here to stay, if not permanently, then under a hybrid scheme. Despite the challenges many faced at the beginning, many employees have come to enjoy the benefits offered by the work-from-home model. A study carried out by Kaspersky with Mexican employees across several industries reveals that 78 percent would like to replace pre-pandemic working practices with a more agile, accommodating and work-life balanced culture. In fact, almost half of Mexican employees (48 percent) want to do away with the 9 to 5 workday, and 25 percent wish to end the five-day workweek.
Although this flexible model may be good for employee engagement and productivity, companies must consider the digital risks it exposes staff and organizations to, especially after many workers have turned to their personal devices, where they connect to online retailers and social platforms, to access privileged corporate information. Even working from the local coffee shop, where employees may connect to an unsecured Wi-Fi network, poses a risk to the device and the information it contains.
Additionally, this new trend has given rise to remote desktop protocol brute force attacks, which exploit vulnerabilities in remote access technologies by trying to guess passwords to gain access to a device or server. Once access to the corporate network is achieved, cybercriminals steal data to extort money from its victims. The first year of the pandemic, Kaspersky technologies detected a triple-digit increase in these types of attacks around the globe. Moreover, these types of incidents spiked in 2021 in several Latin American countries, including Mexico, where Kaspersky registered 1.7 million attacks.
Considering all of this, how can companies ensure that the emerging work schemes are safe for both employees and the organization? One word: prevention. Just as employees have had to adapt to new working models, companies must also adapt their cybersecurity strategy considering the new threats and all possible attack vectors to prevent a cyberincident. After all, the company’s reputation depends on it.
The good news is that organizations can optimize their cybersecurity strategy in three easy steps. First, it is imperative to educate all staff on cybersecurity and make them aware of the importance of practicing good digital habits. This way, they will be familiar with the most common threats and know what to do if they encounter them, making them less likely to become an easy target. Second, organizations must take basic protective measures to safeguard corporate data and devices, including periodically changing passwords, restricting access to sensitive information, and backing up data. As a third step, companies need to implement a robust and reliable security solution, such as Kaspersky Endpoint Security Cloud, which offers endpoint protection tools and technologies that learn and monitor the behavior of both users and applications, so it’s able to reveal anomalies and automatically respond if either of these behaves abnormally. This solution is available with minimum management overload and offers monitoring through the cloud.
As Heraclitus, the Greek philosopher, said, “Change is the only constant.” The digital transformation that has taken place during the last two years has revolutionized, among other things, the way we work, yielding more opportunities — for good and bad — than ever before. To succeed in this “new normal,” organizations must build a cybersecurity strategy centered on prevention and activate the resources that are most effective against current threats. As such, companies will ensure that all potential vectors of attack are analyzed and optimized.