Ensure the first device to get infected is your last.

Back in the distant days of 2019, organisations treated working from home as an exception. While a few firms were taking advantage of affordable cloud solutions for a more flexible approach to work, they were ahead of the curve. Most of the day to day was still being done in the office.

The COVID pandemic catalysed a shift towards more flexible working, and the workplace has changed forever as a result. Research indicates that 76 per cent of employees feel they can perform their role just as successfully remotely as in the office. Further, 63 per cent of high-growth companies use a “productivity anywhere” model
in 2022. 

But alongside benefits like increased flexibility and greater work-life balance, the distributed hybrid work model has also increased organisations’ cyber

risk exposure. As hybrid work remains the norm, it is essential that organisations prioritise a security strategy that remains robust wherever employees work – at home, in a coffee shop, or at the office. As cyber attacks increase in frequency and severity, today resilience is about securing the entire hybrid work estate to ensure that when breaches happen, the first device or network infected is also the last.

HOW ARE THREAT ACTORS EXPLOITING REMOTE WORK TO INFILTRATE AN ORGANISATION’S IT?

Between cloud migration and widespread remote working, most organisations have a more dispersed infrastructure than a few years ago. There are more moving parts to manage and secure, and complexity continues to

threaten security. Threat actors were quick to take advantage of unprepared organisations making the cumbersome move to support a fully remote workforce in the early days of the pandemic. And they’re continuing to target inherent vulnerabilities that come with a distributed employee base. 

The average home network is unlikely to match the security capabilities of a corporate network, for example. Employees are also likely to be using personal devices during their workday, with research finding that over a third of remote workers prefer to mix business and personal machines. Personnel are also more isolated against social engineering tactics. It’s easier to fall for a phishing email impersonating a colleague when they are not sitting across from you in the office, for example. 

Compromising a remote worker’s device provides an adversary with a powerful tool to further their attack. While they can begin by exploiting a single endpoint to gain access to the enterprise’s larger IT environment, they can then move laterally across networks, datacentres and 

the cloud to find privileged accounts and compromise sensitive business assets. 

It’s also easier for an attacker to hide in a remote environment. Employees are now logging on at different hours and from a variety of IP addresses, making it more difficult to keep track of normal workload communications and user behaviour. As a result, attacks on hybrid work environments are costing organisations around $600,000 more than the global average cost of cyber attacks. 

HOW WHY IT IS SO IMPORTANT TO LIMIT ACCESS TO THE ESSENTIALS? 

Without the right precautions in place, a single compromised endpoint can open up pathways for bad actors to access more sensitive data and mission critical business applications. If the organisation has not implemented effective identity-based security controls or applied frameworks such as Zero Trust, there will be few barriers standing in the way of lateral movement – essentially granting attackers carte blanche to the entire organisation following an initial compromise. 

Over-provisioned user accounts are a gift to a network intruder, so organisations need to deploy a strict least-privilege approach that limits system access proactively by only providing the access absolutely necessary – shrinking the attack surface from the start.  Further, ransomware attacks can now move quickly enough – from a single compromised endpoint to broader organisational IT – to cause serious damage and disruption before the security team has a chance to detect and respond to the threat. So firms must have the ability to detect and contain attacks quickly.

The best way to limit access to essentials and reduce breach risks is to operate under an ‘assume breach’ mentality. Assume that bad actors or threats are already lurking across your cloud environments, datacentres and laptop estates – because they likely already are. 

HOW CAN ORGANIZATIONS REDUCE RISK?

As IT sprawl continues to expand, visibility and containment are critical above all else. Security teams must be able to see and stop attacks from spreading across any device linked to their network, no matter the location. This means a single point of control for all connections, and end-to-end visibility across the entire hybrid
IT estate. 

Firms must be able to uniformly enforce Zero Trust access controls and segmentation policies so users can only access necessary applications from the endpoint, rather than the entire IT environment by default. This will mitigate the harm a compromised endpoint can cause – making moving throughout the network far more time and resource intensive for attackers. In the end, adversaries pass the enterprise up in favour of softer targets.

Finally, containment strategies such as Zero Trust Segmentation prevents fast-acting ransomware from easily spreading through the network or from compromising additional devices. To maintain the flexibility and agility afforded by remote working, security  must work in a way that restricts threats, but not legitimate users. With the right approach, organisations can reap the benefits of hybrid working While also reducing risk and strengthening cyber resilience.  And in the current economic climate, resilience is everything.

An image of , News, Ensure the first device to get infected is your last.

Raghu Nandakumara

Head of Industry Solutions at Illumio

AI alignment: teaching tech human language

Daniel Langkilde • 05th February 2024

However, Embodied AI refers to robots, virtual assistants or other intelligent systems that can interact with and learn from a physical environment. In order to do this, they’re built with sensors that can gather data from their surroundings, with this they also have AI systems that help them analyse data they collect, and ultimately learn...

CARMA announces acquisition of mmi Analytics

Jason Weekes • 01st February 2024

CARMA announces acquisition of mmi Analytics, expanding expertise in Beauty, Fashion, and Lifestyle sectors The combined organisation is set to redefine the landscape of media intelligence, providing unparalleled expertise and comprehensive insights for PR professional and marketers in the exciting world of beauty, fashion and lifestyle.

Managing Private Content Exposure Risk in 2024

Tim Freestone • 31st January 2024

Managing the privacy and compliance of sensitive content communications is getting more and more difficult for businesses. Cybercriminals continue to evolve their approaches, making it harder than ever to identify, stop, and mitigate the damages of malicious attacks. But, what are the key issues for IT admins to look out for in 2024?

Revolutionizing Ground Warfare Environment with Software-Enabled Armored Vehicles

Wind River • 31st January 2024

Armoured vehicles which are purpose-built for mission-critical operations are reliant on control systems that provide deterministic behaviour to meet hard real-time requirements, deliver extreme reliability, and meet rigorous security requirements against evolving threats. Wind River® has the partners and the expertise, a proven real-time operating system (RTOS), software lifecycle management techniques, and an extensive track...

The need to prove environmental accountability

Matt Tormollen • 31st January 2024

We are currently in the midst of one of the most consequential energy transitions since records began. The increasing availability of clean electrons has motivated businesses in the UK and beyond to think green. And for good reason. Being environmentally conscious attracts customers, appeases regulators, retains staff, and can even gain handouts from government. The...

Fuelling Innovation in Aftermarket

Jim Monaghan • 31st January 2024

One section of the motor trade is benefitting from the cost-of-living crisis: with consumers keeping their cars for longer, independent repairers are in huge demand. But they are also under pressure. Older cars need more repairs. They require more replacement parts, tyres and fluids. With car owners looking for value and a fast turn-around, independents...

The return of the five-day office week

Virgin Media • 25th January 2024

Virgin Media O2 Business has today published its inaugural Annual Movers Index, revealing four in ten companies are back to the office full time, despite widespread travel delays and disruptions With 2023 cementing the cost-of-living crisis, second hand shopping and public transport use surged as Brits sought to save money Using aggregated and anonymised UK...