By Laurent Celerier, EVP Technology & Marketing
There is no question that COVID-19 has had far reaching and long-lasting impacts on the way people do things, not least the way we work.
Almost half (48%) of employees now work remotely or in a hybrid way, combining working in the office and working from home, according to a survey from the Chartered Management Institute (CMI). The transition from workplace to residence has, in the most part, run smoothly and allowed employees to continue to be productive while away from their usual working environment.
The success has been, in no small part, down to technology, allowing staff to have all the necessary access to corporate information and the ability to communicate with colleagues while in the comfort of their own home. Employers that hadn’t previously encouraged or supported remote working hastily scrambled to implement policies and remote access infrastructure.
It is part of a huge digital transformation drive that we have witnessed over the past year. Companies have expediated the digitisation of their customer and supply-chain interactions and their internal operations by three to four years, according to a survey of executives by McKinsey.
There is no doubt that organisations must embrace digitisation or risk being left behind. Yet while this transformation has been tremendously beneficial for keeping people connected and ensuring business continuity, the spotlight has naturally fallen on the inevitable cybersecurity impacts. As adversaries changed tack to exploit the new remote workforce, those charged with protecting corporate networks have had to quickly re-think their own strategies.
According to the latest Orange Cyberdefense Security Navigator, analysis of security events monitored by our 11 CyberSOCs and 17 SOCs shows there has been a higher volume of social engineering incidents in 2020 compared to the last two years (2018: 2%, 2019: 1%, 2020: 5%). This includes phishing campaigns either distributed through mass email or more targeted attacks through spear phishing, as well as spam emails and extortion.
In addition, there was a high number of confirmed incidents involving the installation of Adware and Potentially Unwanted Programs or Applications (PUP). These incidents represent 60% of all confirmed classified malware detections. Most incidents involve users installing unwanted programs or extensions such as zip unpackers and browser add-ons that send user data to external entities. Significantly, there was an increase in confirmed Adware and PUP incidents in March 2020 – the month when many people started working from home.
Despite the roll-out of COVID-19 vaccines, there is not expected to be a mass return to the office any time soon. The CMI survey found that four in ten employees think their own organisation will continue to work remotely or in a hybrid way in 2021. For security leaders, this means ensuring that they keep abreast of the cyber threats facing their remote colleagues.
So how can security in 2021 help drive commercial success for your company?
The key is understanding the risk. Employees that previously were communicating locally within the office network, protected by an enterprise grade firewall, now connect their laptops to a cheap home ISP router and access data over VPN connections. These home routers usually do not have the same cadence when it comes to software upgrades to address newly discovered vulnerabilities, and hence increase the risk of being compromised. Once you control the router there are many ways of infecting all devices behind it, including your corporate laptops with “always-on” remote access.
To mitigate this increased risk, we advise investments into the following:
▪ Flexible remote access solutions that can scale up and down to meet current needs and do not require a big initial investment;
▪ Next generation endpoint security solutions that are equipped to protect against unknown advanced threats based on, for example, machine learning or advanced behaviour analytics;
▪ Endpoint detection and response solutions: CyberSOCs have lost a great deal of visibility due to an increase in remote workers. While an EDR will enable detection across all endpoints, the risk is that companies do not have the competence nor resources to analyse generated alerts and therefore a managed EDR should be considered.
In summary, with an increasing number of high profile breaches, lawsuits and eye watering fines imposed for poor cyber hygiene in the past 12 months, in 2021 more scrutiny can be expected on digitisation projects. It will be those organisations that ensure robust security processes are in place throughout the digitisation process that have the greatest opportunity to drive competitive advantage and commercial success.
About the Author
Laurent Célérier, Executive Vice-President Technology and Marketing, Orange Cyberdefense. Laurent Célérier is Executive vice-president, Technology and Marketing for Orange Cyberdefense. He started his carrier in the French navy (Ministère des Armées) and before leaving he was Deputy Director General IT & Digital, where he was in charge of the Digital transformation of the Ministry of the Armed Forces. He then joined Orange Cyberdefense France in 2018 as CTO and in early 2020 he was appointed Executive vice-president Technology & Marketing at Orange Cyberdefense Group.