Presented by Field Effect
Hybrid work environments create new cyber risks, regardless of the size of your business – especially with an increase in cybercrime. Join this VB Live event to learn about the new risks and how to effectively protect your networks, cloud services and endpoints.
Book your place here for free.
The pandemic showed that a hybrid work environment is a huge boost to employee well-being and productivity – but it is also a huge increased risk for companies. In the cost of a data law study in 2021, the average total cost increased by nearly 10% to $ 4.24 million, the highest ever recorded. The cost was even higher as telework is believed to be a factor causing the breach, rising to $ 4.96 million.
Employers are facing a whole new security landscape now that they are facing a risk factor multiplied by all the ways their employees connect, says Andrew Milne, head of revenue at Field Effect.
“Employers need to embrace the new zero-confidence model,” Milne says. “Instead of having it ‘How do you protect everything?’ it becomes ‘How do you react internally?’ You look at the holistic view of the network, versus looking at a singularity or points of interest. ”
The problem, as always, is that new technologies create new risks, and the shift to teleworking has made it easier for malicious actors to identify vulnerabilities. A lot of them took the opportunity as the work mostly went far in the COVID era. IT teams were forced to start responding on the fly to new threats and open up new vectors that did not previously exist. On top of that, the rise in cybercrime like service and malware automation has put IT executives in a bad place.
Plus, the more people who work, the greater the risk. But no matter how many employees you have, there is a clear connection between human activities and the risk in an environment. Employee actions, such as To fall for a scammer’s social technique or mechanical faults, such as. Forwarding an email by accident and so on can lead to security incidents.
To respond to the risks
There are a number of ways to respond to the increased risks, Milne says. More complexity requires more sophisticated threat detection, more holistic views, and staff setting up.
“We talk about education, training and vigilance around the ability to reduce the likelihood of a mistake,” he says. “And while we are telling people to be vigilant, we need to give people tools to respond with vigilance and be part of the overall security vector.”
It is also important to take preventive measures.
“We keep talking about the same things over and over again, which are the easy things people can do,” he says. “We can activate multi-factor authentication. Again, you need to educate employees about cybersecurity and share responsibilities across the company. And invest in security solutions that offer more in-depth monitoring, e.g. MDR manages, detects and responds across the entire environment. ”
Still, the biggest problem, he says, is that most companies have skipped so many basic things in a hurry to move to a new hybrid environment. Many have not updated security plans and policies or appoint a person internally to ensure that someone is responsible for overseeing the entire process.
“It can not be a shared responsibility at all,” he explains. “It has to be focused. Someone has to be ‘the’ person. And then find tools to keep evolving and be holistic with a monitoring approach around the clock. It is very important. ”
For many security tools, endpoint solutions are for just one particular part of the solution, but they are not the whole of the solution. Risk mitigation is about seeing it through a holistic view, not just a single lens, and finding a solution that takes a holistic, end-to-end approach to monitoring, detecting and responding to these elements. This is what takes the risks out of your entire IT environment by adding a level of support.
As we enter 2022 and know that hybrid is here to stay, Milne’s biggest reminder for safety leaders is You do not know what you do not know. Knowing your network, knowing your threats and knowing how to respond to those threats is everything.
“People are still coming in and dealing with the cleanup versus moving into a defensive state,” he says. “It is no longer enough to say that they did not know. You must be in knowledge at all times. When you know it, you can act. ”
If you want to know more about the risks that await companies moving to hybrid solutions, how to secure your data regardless of the size of your business, and how to go from responding to violations to action to prevent threats, do not miss this VB Live event.
Sign up for free here.
- The biggest cyber risks associated with hybrid environments
- New threats to start-ups, upscaling and medium-sized companies
- Steps to create a secure infrastructure for new labor standards
- How to reduce risk and maximize defense (even if your IT is outsourced)
- Andrew Milne, Chief Revenue Officer, Field Effect
- William H. Dutton, Oxford Martin Fellow, Global Cyber Security Capacity Center (GCSCC), University of Oxford
- Ernie Sherman, Chairman, Fuel Network
- Seth Colaner, Moderator, VentureBeat