New home risks

by Mark Rowe

We are seeing our way of life change in ways that were almost unimaginable just months ago. Millions of people are now working from home, being forced to adapt and find new ways of completing their daily tasks, writes Charles Eagan, pictured, Chief Technology Officer at BlackBerry.

The workforce is anxious, scared, and stressed, and we are relying on IT like never before – what used to be a chat in the office is now a video call. Meetings are now virtual, and quick catch-ups are done over the phone.

Freed of the constraints of an office, each employee is creating their own unique approach to their job – employment is becoming less about when someone works, and more about what work they do. Employees are also using a mix of corporate-issued and personal devices to get their work done.

Home is the new enterprise. And this comes with risks.

Frequent attack vectors

Take, for instance, one of the most frequent attack vectors: phishing emails. With an increasing number of employees logging in from home, phishing attacks and more advanced threats are being deployed by malicious actors at a rapidly growing pace. These actors realise that traditional security models – based on human input – are susceptible to attack during times of panic and high stress.

An employee might follow instructions in a phishing email not only because it looks authentic, but that it conveys some urgency (usually from a manager or someone else of importance). In cybersecurity terms, simple mistakes can result in dire consequences: according to a recent survey of over 500 IT professionals in the financial services industry, a whopping 94% said that they lack confidence in the ability of employees, consultants, and partners to safeguard customer data.

To be fair, this isn’t the fault of employees, who are all too often (and unfairly) dubbed the weak link in a business’s efforts to prevent cyber-attacks. The security solutions that employees are provided with are often difficult to use, or even prohibitive to daily productivity. The inevitable result is well-intentioned workarounds that open up new vulnerabilities.

The security industry must charge forward with efforts to ensure cybersecurity for a remote workforce: each employee’s home environment must be protected at the same security level as the corporate office. Businesses must ensure a secure remote work solution that can accommodate different operating systems, and allows employees to securely access apps, intranet, and corporate files. As the COVID-19 outbreak continues to limit the number of IT personnel and resources typically dedicated to cybersecurity, our research indicates that espionage activity will only grow, and attackers already have tools in place to take advantage of critical systems.

Cybersecurity is, at the best of times, a complex domain, with many unknowns and moving parts that could vary greatly from one organisation to another – and a geographically-dispersed workforce only complicates things further. This is where AI-based solutions can support the challenge in hugely helpful way: through the ability to learn and adapt, AI solutions can dynamically react and adjust to an organisation’s needs and risk profiles.

AI and automation

This is a far cry from the sensationalistic sci-fi scenes of a robot takeover. Yes, AI can solve complex problems with a level of consistency and speed that’s unmatched by human intelligence. But it can’t replace human intelligence where it’s needed most: we must choose the right problems to solve. Once we identify that, we can start collecting the right data, designing the right solution, and creating the right process for our AI solutions to adapt, learn from feedback, and produce results.

Despite the constant talk of automation, the rise of the robots, and artificial intelligence taking over, this crisis has reminded us just how important people are – technology can only get us so far. No one has taken to their front step or balcony every Thursday evening to clap and cheer for technology. It’s the people that truly matter and inspire us.

AI is about empowering human intelligence. If we can use AI to do some of the heavy lifting of data security, we can give employees back some valuable time to focus more on what they do best: creative thinking, problem solving, running the business, and getting on with their own lives with their families. It’s times like these when AI can best support us.

Related News

  • Interviews

    Our covid-19 work rules

    by Mark Rowe

    We’ve not heard from Wilson Chowdhry, director of the London-based guarding company AA Security for a while; all the more reason to…

  • Interviews

    Cyber attack rise

    by msecadm4921

    Six months on from the launch of the UK Government’s Cyber Security Strategy, most – 85pc – of businesses say they expect…

  • Interviews

    Alternatives to metal

    by Mark Rowe

    Despite new laws to tackle UK scrap metal thefts, most businesses now insist on buying workplace products made out of alternative materials…


Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing