Ensure the first device to get infected is your last.

Back in the distant days of 2019, organisations treated working from home as an exception. While a few firms were taking advantage of affordable cloud solutions for a more flexible approach to work, they were ahead of the curve. Most of the day to day was still being done in the office.

The COVID pandemic catalysed a shift towards more flexible working, and the workplace has changed forever as a result. Research indicates that 76 per cent of employees feel they can perform their role just as successfully remotely as in the office. Further, 63 per cent of high-growth companies use a “productivity anywhere” model
in 2022. 

But alongside benefits like increased flexibility and greater work-life balance, the distributed hybrid work model has also increased organisations’ cyber

risk exposure. As hybrid work remains the norm, it is essential that organisations prioritise a security strategy that remains robust wherever employees work – at home, in a coffee shop, or at the office. As cyber attacks increase in frequency and severity, today resilience is about securing the entire hybrid work estate to ensure that when breaches happen, the first device or network infected is also the last.

HOW ARE THREAT ACTORS EXPLOITING REMOTE WORK TO INFILTRATE AN ORGANISATION’S IT?

Between cloud migration and widespread remote working, most organisations have a more dispersed infrastructure than a few years ago. There are more moving parts to manage and secure, and complexity continues to

threaten security. Threat actors were quick to take advantage of unprepared organisations making the cumbersome move to support a fully remote workforce in the early days of the pandemic. And they’re continuing to target inherent vulnerabilities that come with a distributed employee base. 

The average home network is unlikely to match the security capabilities of a corporate network, for example. Employees are also likely to be using personal devices during their workday, with research finding that over a third of remote workers prefer to mix business and personal machines. Personnel are also more isolated against social engineering tactics. It’s easier to fall for a phishing email impersonating a colleague when they are not sitting across from you in the office, for example. 

Compromising a remote worker’s device provides an adversary with a powerful tool to further their attack. While they can begin by exploiting a single endpoint to gain access to the enterprise’s larger IT environment, they can then move laterally across networks, datacentres and 

the cloud to find privileged accounts and compromise sensitive business assets. 

It’s also easier for an attacker to hide in a remote environment. Employees are now logging on at different hours and from a variety of IP addresses, making it more difficult to keep track of normal workload communications and user behaviour. As a result, attacks on hybrid work environments are costing organisations around $600,000 more than the global average cost of cyber attacks. 

HOW WHY IT IS SO IMPORTANT TO LIMIT ACCESS TO THE ESSENTIALS? 

Without the right precautions in place, a single compromised endpoint can open up pathways for bad actors to access more sensitive data and mission critical business applications. If the organisation has not implemented effective identity-based security controls or applied frameworks such as Zero Trust, there will be few barriers standing in the way of lateral movement – essentially granting attackers carte blanche to the entire organisation following an initial compromise. 

Over-provisioned user accounts are a gift to a network intruder, so organisations need to deploy a strict least-privilege approach that limits system access proactively by only providing the access absolutely necessary – shrinking the attack surface from the start.  Further, ransomware attacks can now move quickly enough – from a single compromised endpoint to broader organisational IT – to cause serious damage and disruption before the security team has a chance to detect and respond to the threat. So firms must have the ability to detect and contain attacks quickly.

The best way to limit access to essentials and reduce breach risks is to operate under an ‘assume breach’ mentality. Assume that bad actors or threats are already lurking across your cloud environments, datacentres and laptop estates – because they likely already are. 

HOW CAN ORGANIZATIONS REDUCE RISK?

As IT sprawl continues to expand, visibility and containment are critical above all else. Security teams must be able to see and stop attacks from spreading across any device linked to their network, no matter the location. This means a single point of control for all connections, and end-to-end visibility across the entire hybrid
IT estate. 

Firms must be able to uniformly enforce Zero Trust access controls and segmentation policies so users can only access necessary applications from the endpoint, rather than the entire IT environment by default. This will mitigate the harm a compromised endpoint can cause – making moving throughout the network far more time and resource intensive for attackers. In the end, adversaries pass the enterprise up in favour of softer targets.

Finally, containment strategies such as Zero Trust Segmentation prevents fast-acting ransomware from easily spreading through the network or from compromising additional devices. To maintain the flexibility and agility afforded by remote working, security  must work in a way that restricts threats, but not legitimate users. With the right approach, organisations can reap the benefits of hybrid working While also reducing risk and strengthening cyber resilience.  And in the current economic climate, resilience is everything.

Raghu Nandakumara

Head of Industry Solutions at Illumio

Choose an AI solution to transform beyond technology

Kit Cox • 09th December 2024

The first step is knowing exactly what your business wants to achieve with AI; think faster, smarter and more efficient. Once you know what you are working towards, you can start looking for a solution that can help you make it a reality. AI integration can feel like a daunting task at the beginning, so...

A Roadmap to Security and Privacy Compliance

John Lynch Director of Kiteworks • 04th December 2024

Only by understanding the current regulatory environment and implementing robust data protection measures, can organisations enhance their security posture, ensure compliance, and build resilience against the latest cyber threats. This article provides a comprehensive roadmap of how to do it.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...