Opinion: a company's own employees represent as much of a danger to an organisation's cybersecurity as malicious outsiders

The pandemic forced organisations to embrace the largest remote workforce in history, and this upheaval has brought an increasing number of cyber vulnerabilities to the fore. While safe in an organisational setting when it comes to cybersecurity, employees working from home tend to develop security amnesia.

This means they often abandon routine security practices, such as establishing authentication procedures, or forwarding suspicious emails, links or attachments to their IT department. They also forget to report phone calls from social engineers who, under the guise of being clients, customers, or employees from other offices, try to extract valuable information.

While employees might initially plan to report such occurrences, they often do not, continuing instead to absentmindedly open links and attachments, and engage in these phone calls without asking for proper verification. Unfortunately, it is the well-intentioned yet careless worker, vendor, consultant, or other stakeholder that represents as much of a danger to an organisation's cybersecurity as faceless people on the outside.

From RTÉ Radio 1's Today With Claire Byrne, Smart Tech's Ronan Murphy on the growing number of cyber attacks

Organisations must remain committed to not leaving business processes, personal data or vital infrastructure at risk, which has proved challenging for most. As remote working establishes itself as the new normal, criminals are seeking to capitalise on the widespread uncertainty, and succeeding. For example, authentication vulnerabilities were exposed in schools around the world adopting e-learning platforms, with reported cases of "Zoom" classroom hijackers sharing inappropriate material with minors.

Exploiting similar vulnerabilities has led to the average data breach in 2021 costing €4 million, up from €3.8 million in 2020. The cost increased by an additional €1 million when remote work was a factor in causing the breach. These figures are on the back of a 600% spike in phishing emails, Google blocking 18 million malware and phishing emails a day, and remote workers causing a security breach in 20% of organisations. According to the Federal Bureau of Investigation, the number of successful attacks across the United States rose by 600%, and across the globe by 300% since the pandemic began.

These are stark figures. But even though 46% of organisations reported an increased amount of cybersecurity threats related to remote working, with 49% actually expecting an incident or data breach, cybersecurity spending during the pandemic actually decreased.

From RTÉ News at One, the number of cyber crime cases jumped over 150% in 2021

Given the significant costs of a data breach to multiple parties, it is critical to implement protection mechanisms for both general and specific threats. Unfortunately, connecting any system to the internet brings security risks.

Indeed, accessing any internet resource opens a communication path that crosses a suite of network equipment from where the connection begins to the destination system, with each communication node representing a potential security vulnerability. While most nodes are secured by internet service providers, it is difficult to guarantee the integrity of data transferred between the origin and destination system. The onus is now on organisations to ensure any endpoint that an employee is using is fully protected.

Traditionally, organisations have spent considerable resources to promote a secure working environment in their offices, but the pandemic has disrupted this. While the workforce can remain just as productive working from home (if not more so), organisations need to ensure that these remote working conditions keep company data as secure as it was in the corporate office.

From RTÉ One's Claire Byrne Live, a report on scam emails

Unfortunately, valuable lessons have had to be learned by organisations because of employees abandoning routine security practices when working from home. Threats such as unsecured private wi-fi, public hotspots, and lack of authentication policies are now of the utmost importance due to the sudden restrictions posed by Covid-19 that now remain in situ when working from home.

It is vital that advanced technologies, training and compliance are developed to safeguard sensitive company data. For example, employees are now working from a home wi-fi network or public hotspot instead of the more secure office router that offers enhanced security features. These networks are more susceptible to cybersecurity risk due to their architecture, with perimeter security measures, intrusion prevention systems and phishing filter software rarely used. Attackers now have multiple entry points and employers must consider the heightened security risks of having a remote and dispersed workforce.

Organisations should not ignore the vital part their employees play in protecting, securing and keeping their data safe. While employees in most cases receive some security training upon joining an organisation, this training is unfortunately rarely delivered on a routine basis. To date, most organisations have not developed or circulated a policy and procedure for remote workers. At a minimum, organisations must invest in and train their remote workers in the use of VPN connections, multi-factor authentication, device risk posture checks and zero trust network access policies.

Both organisations and employees have embraced remote work as a new way of business life. Yet, as more people continue to join and engage with digital platforms as part of their daily routine, the number of cyberattacks also increases. These attacks are becoming more sophisticated, and new playing fields are opening up for cybercriminals to target and exploit.

Organisations need to take immediate action to mitigate these evolving cybersecurity threats created by this sudden shift to remote working. Failure to do so would leave confidential data vulnerable to outside interference. Being reactive is no longer an option: organisations must be proactive, and work with their employees and security teams to ensure that they are offering the best protection available.


The views expressed here are those of the author and do not represent or reflect the views of RTÉ