Connect with us

Hi, what are you looking for?

HEADLINES

Cybersecurity experts identify threats as work-from-home becomes the norm, calls for businesses to protect themselves

The remote setup had employees bringing home their workstations, taking devices out of the protection of cybersecurity systems found inside offices and leaving them vulnerable to threats.

Restrictions brought by the COVID-19 pandemic lurched businesses towards the digital space, and as work-from-home continues to be the norm, there is also an increased awareness in cybersecurity. Enterprises both big and small are faced with cyber threats, and the need to adopt security measures is more critical than ever.

“Almost 97% of Asia Pacific organizations made changes to their policies to shift for remote working. All of a sudden we went from business continuity planning to execution,” Kerry Singleton, Managing Director for Cybersecurity Cisco APJC, reported during the fourth episode of the tech company’s webinar series, Navigating the Shift.

The series goes on a deep dive on the pandemic’s impact across industries, and in this episode titled Cybersecurity Today: Addressing the New Threat Landscape, Singleton, along with other experts in the field, examined changes in the cybersecurity landscape as businesses went online.

“There are a lot of breaches happening. There were breaches early [in 2020] and it increased with remote work,” GIAC Information Security Expert DefCon Black Badge Raymond Nunez observed. The former Security Consultant of the Department of Information and Communications Technology (DICT) mentioned that these include SMS- and voice-based phishing, also known as smishing and vishing. While automated spam filters are available in emails, SMS and voice services rely on users to determine scams. 

Advertisement. Scroll to continue reading.

Nunez also reported breaches due to weak credentials in user accounts, stating that attackers are still able to penetrate organizations using passwords as easy as “1234”. This shows a certain level of vulnerability currently present among the online community, including businesses that could be negatively impacted as work-from-home is foreseen to be here for the long haul. 

“I’ve spoken to customers across the globe. They’re all thinking about how do we return to work, and a common theme that I’m seeing is that they are going to leave a percentage of their workforce working remotely,” shared Singleton. He pointed out that a few large tech companies in the US have even gone for a 100% work-from-home policy. 

The remote setup had employees bringing home their workstations, taking devices out of the protection of cybersecurity systems found inside offices and leaving them vulnerable to threats.

“The threats are not getting any smaller – they’re getting bigger and more maverick,” Emmanuel Caintic, Assistant Secretary of DICT, commented. “Now more than ever is the time to invest in your network security. It’s an insurance and it doesn’t cost much. It’s actually more expensive to remediate after an attack.”

Aside from cost implications, successful attacks can result to client loss and business shutdown due to bad reputation from having been breached. Thus, the speakers called for businesses to take security measures, with educating staff on cyber hygiene habits as the first line of defense. These include being vigilant when opening attachments, clicking links, and providing information.

Another recommendation is for businesses to invest in endpoint security and visibility now that endpoint devices like laptops and phones are deployed in employees’ homes. Technologies such as multi-factor authentication or MFA was also raised as a way to ensure a person’s identity. “That inconvenience of a few seconds of having to check your phone to log in to that two-factor authentication could spell a lot of difference,” Caintic mentioned. According to Nunez, Google and Microsoft have also deployed MFA to prevent breaches and were rewarded with good success rates. 

Advertisement. Scroll to continue reading.

“We’ve seen online banking, government applications, and a lot of social media and email platforms move down that path, but the corporate environment and businesses [also] need to look at multi-factor authentication as the first step in their process,” Singleton agreed. 

Cisco offers Duo MFA which requires users to push a token to their smartphones – a technology that the company uses itself for security. “So we’ve got the username and password, and then we’ve got the multi-factor authentication piece that sits over the top of it as well,” Singleton added. 

The highly-esteemed tech company offers other cybersecurity solutions that are used by enterprises around the globe, but are still scalable from small- to large-sized businesses.

“When you’re in a small business, if you can afford to invest in device systems and secure the devices that you give to your employees or you station in your business, that’s the best solution,” said Caintic. As an alternative, he suggested investing in a virtual private network (VPN) service and in malware protection programs – which have to be kept updated in order to safeguard systems from evolving cyber-attacks.

Meanwhile, for bigger enterprises and those in public service such as telco companies, Caintic recommended flawless business continuity programs on top of robust cybersecurity technologies to ensure minimal disruption in business and service when an attack occurs.

Big or small, experts agree that businesses urgently need to look more into the cybersecurity landscape as industries continue to shift online in the new normal. It may seem intimidating and complicated with the various systems and jargon, but there are tools like Cisco SecureX that give businesses a single comprehensive platform to view threats and respond to them. 

Advertisement. Scroll to continue reading.

“[Cybersecurity] has to be foundational and has to be built into our digitization strategy and everything that we do today,” Singleton said. “It doesn’t matter if you’re a one-person company or if you’ve got tens of thousands of people. Potentially, everybody is vulnerable; attackers don’t discriminate.”

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

With the e-Commerce market projected to hit $24 billion by 2025, foodpanda sees significant growth potential in the local digital space.

HEADLINES

Emperador’s move to cashless payments reduces cash-handling risks, improves transaction speed, and enables the sales teams and retailers to focus on business growth and...

HEADLINES

inDrive gave away more than Php 1.1 million worth of rewards to its partner drivers which included a Honda ADV 160 motorcycle as the...

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

A leveled-up 5G connectivity, Smart 5G Max features significantly faster speeds for uploading and downloading, and ultra-low latency, providing customers with amazing mobile experiences.

HEADLINES

The project is expected to increase Asialink’s total loans to SMEs from Php 8.8 billion (around $150 million) to around Php 13 billion, with...

HEADLINES

The partnership enables MCU to integrate Fortinet’s Network Security Expert (NSE) training and certification program into its academic offerings, either as part of the curriculum or...

Advertisement