The ongoing struggle in managing remote working staff members is continuing to open up gaping holes in corporate cybersecurity larger than at any time prior to the pandemic, with the insider threat now raised to critical levels.
Cybersecurity vendor Netwrix Took a poll of close to 1000 IT professionals focused on how COVID-19 affected the risk landscape to include for its 2020 Cyber Threats Report. Around 250 admitted that in the current climate they feel more vulnerable to threat than at a time before the pandemic took effect, with around 85% of CISOs confirming that they sacrificed their cybersecurity in order to instigate home working.
As a result, 60% of respondents feel that security gaps have been left wide open in the process.
Breaking It Down
In breaking down the percentages, the chief concern focuses on user behaviour and the potential of employees ignoring security rules and jeopardising data.
Insider risks when broken down pose the most critical threats in accidental improper data sharing (68%); cloud service misconfigurations (66%); mistakes implemented by IT admin (62%) and the theft of data by employees (66%).
After phishing, the most common incidents that corporations are experiencing centre on accidental IT mistakes and improper data shares. They also take the longest to detect, with most cases falling into days before discovery instead of hours or minutes. By then it is obviously too late and whatever has been accessed is already compromised.
With large enterprises, the most likely to experience IT admin mistakes (with 33% suffering as low as one incident since home working implementation), the home working insider threat is a problem that needs addressing straight away.
By paying more attention to how data is being handled within a home environment and ensuring that security policies are upheld, it is time to focus on further measures to ensure safety. Such areas include tracking user activity, automating change and configuration auditing. Also having alerts be enabled for harmful actions to ensure that any misbehaviour by an insider is early detected and handled immediately.
At Whitehall Media we strive to see implementation and strategies evolve to securing better means in how to protect data online. Contact our team and join our events to gain up to date news and talks with industry professionals into how to tackle what is considered a data breach and the steps that need to be taken.