Ensure the first device to get infected is your last.

Back in the distant days of 2019, organisations treated working from home as an exception. While a few firms were taking advantage of affordable cloud solutions for a more flexible approach to work, they were ahead of the curve. Most of the day to day was still being done in the office.

The COVID pandemic catalysed a shift towards more flexible working, and the workplace has changed forever as a result. Research indicates that 76 per cent of employees feel they can perform their role just as successfully remotely as in the office. Further, 63 per cent of high-growth companies use a “productivity anywhere” model in 2022.

But alongside benefits like increased flexibility and greater work-life balance, the distributed hybrid work model has also increased organisations’ cyber risk exposure. As hybrid work remains the norm, it is essential that organisations prioritise a security strategy that remains robust wherever employees work – at home, in a coffee shop, or at the office. As cyber attacks increase in frequency and severity, resilience today is about securing the entire hybrid work estate to ensure that when breaches happen, the first device or network infected is also the last.

HOW ARE THREAT ACTORS EXPLOITING REMOTE WORK TO INFILTRATE AN ORGANISATION’S IT?

Between cloud migration and widespread remote working, most organisations have a more dispersed infrastructure than a few years ago. There are more moving parts to manage and secure, and complexity continues to threaten security. Threat actors were quick to take advantage of unprepared organisations making the cumbersome move to support a fully remote workforce in the early days of the pandemic. And they’re continuing to target inherent vulnerabilities that come with a distributed employee base.

The average home network is unlikely to match the security capabilities of a corporate network, for example. Employees are also likely to be using personal devices during their workday, with research finding that over a third of remote workers prefer to mix business and personal machines. Personnel are also more isolated, which leaves them more exposed to social engineering tactics. It’s easier to fall for a phishing email impersonating a colleague when they are not sitting across from you in the office, for example.

Compromising a remote worker’s device provides an adversary with a powerful tool to further their attack. They can begin by exploiting a single endpoint to gain access to the enterprise’s larger IT environment, then move laterally across networks, datacentres and the cloud to find privileged accounts and compromise sensitive business assets.

It’s also easier for an attacker to hide in a remote environment. Employees are now logging on at different hours and from a variety of IP addresses, making it more difficult to keep track of normal workload communications and user behaviour. As a result, attacks on hybrid work environments are costing organisations around $600,000 more than the global average cost of cyber attacks. 

WHY IS IT SO IMPORTANT TO LIMIT ACCESS TO THE ESSENTIALS?

Without the right precautions in place, a single compromised endpoint can open up pathways for bad actors to access more sensitive data and mission-critical business applications. If the organisation has not implemented effective identity-based security controls or applied frameworks such as Zero Trust, there will be few barriers standing in the way of lateral movement – essentially granting attackers carte blanche to the entire organisation following an initial compromise.

Over-provisioned user accounts are a gift to a network intruder, so organisations need to deploy a strict least-privilege approach that limits system access proactively by only providing the access absolutely necessary – shrinking the attack surface from the start. Further, ransomware attacks can now move quickly enough – from a single compromised endpoint to broader organisational IT – to cause serious damage and disruption before the security team has a chance to detect and respond to the threat. So firms must have the ability to detect and contain attacks quickly.

The best way to limit access to essentials and reduce breach risks is to operate under an ‘assume breach’ mentality. Assume that bad actors or threats are already lurking across your cloud environments, datacentres and laptop estates – because they likely already are. 

HOW CAN ORGANIZATIONS REDUCE RISK?

As IT sprawl continues to expand, visibility and containment are critical above all else. Security teams must be able to see and stop attacks from spreading across any device linked to their network, no matter the location. This means a single point of control for all connections, and end-to-end visibility across the entire hybrid IT estate.

Firms must be able to uniformly enforce Zero Trust access controls and segmentation policies so users can only access necessary applications from the endpoint, rather than the entire IT environment by default. This will mitigate the harm a compromised endpoint can cause – making moving throughout the network far more time- and resource-intensive for attackers. In the end, adversaries pass the enterprise up in favour of softer targets.

Finally, containment strategies such as Zero Trust Segmentation prevent fast-acting ransomware from easily spreading through the network or from compromising additional devices. To maintain the flexibility and agility afforded by remote working, security must work in a way that restricts threats, but not legitimate users. With the right approach, organisations can reap the benefits of hybrid working while also reducing risk and strengthening cyber resilience. And in the current economic climate, resilience is everything.

Raghu Nandakumara

Head of Industry Solutions at Illumio
