Building cyber-resilience in the age of remote work

by John Karabin

16 November 2020

Colleagues brainstorming in a workshop

Co-written by: Sean Duca, Regional Chief Security Officer, Asia Pacific & Japan, Palo Alto 

With the acceleration of the remote workforce, business continuity must adapt to secure the new way of working

As our workplaces have changed, so has the cyber-threat landscape. Until now, most organizations have had the luxury of developing and implementing security measures to meet the requirements of planned digital transformation projects. That all changed with the COVID-19 pandemic. Now, unplanned digital transformation has happened in a matter of weeks, but with long term consequences that will be felt for the next few years.

With communities and businesses around the world locked down, leaders have had to rapidly operationalize remote working practices and rely more on cloud-based tools to keep employees and customers engaged. This is increasing organizations’ reliance on the very systems that attackers have already been targeting, and many are being deployed in a rush and without adequate planning. Similarly, employees are more frequently using the same devices for both work and personal use, exposing businesses to new vulnerabilities and additional threats.

Thanks to worldwide lockdowns, business leaders have had to rapidly operationalize remote working practices and rely more on cloud-based tools to keep employees and customers engaged

A recent NTT Ltd. report that surveyed 130 participants in Australia and New Zealand found that less than a third of all businesses (28.5%) have changed their IT policy to help employees work within a new operating model. At the same time well under half (38.5%) have deployed new communication and productivity tools. In many cases, employees have been allowed to use personal devices and applications, significantly increasing security risks — particularly as only 46.2% of employees improved their IT security to cater for these increased risks. At the same time, the latest findings from NTT Ltd.’s GTIC Monthly Threat Report for October 2020 show that Business Email Compromise attacks have become more dangerous and efficient over the past eight years, and more profitable than ever for threat actors.

This is why it’s crucial to integrate a secure workplace solution into business functions, enabling employees to work from wherever they are, with whoever they need to, however they want to and from whatever device they choose.

Three distinct phases of workforce transformation are required to implement a secure workplace.

Acceleration of the remote workforce

The first phase involves rapidly scaling up to enable remote working. Part of this phase involves finding efficient ways to use collaboration and video-conferencing tools from any location while staying secure.

Being almost 10 months into the pandemic, it’s safe to say that the majority of organizations have already done this. However, during this time, limitations on the tools people use to access remote work were exposed, thanks to massively increased workloads. For example, many remote workforces experienced performance issues, particularly associated with doing video conferences, because of the sheer, unplanned demand on systems and infrastructure.

This remote shift also includes an increased reliance on web platforms (e.g. customer portals and supporting web applications); in turn, increasing reliance on the very systems that attackers have already been targeting. In the latest findings from NTT Ltd.’s 2020 Global Threat Intelligence Report (GTIR), application-specific (40%) and web-application (20%) attacks dominated in Australia, accounting for nearly 60% of all attacks combined.

Business continuity must adapt

Business continuity is difficult to plan for at the best of times, but the lesson from COVID-19 is that ‘unplanned accelerated transformation’ must be a core part of future scenario planning.

This second phase involves revisiting business continuity plans and accepting that they may not align with future realities. Automated and cloud-based tools offer flexibility when old habits and processes can’t be implemented anymore. Five years ago, people were running applications like SAP and Exchange on-premises. Fast-forward to today and half of those applications are sitting in Azure, AWS or being consumed as a service — and this is happening in every organization.

The positive news is that, because COVID has rapidly accelerated the adoption of new architectures, companies should have the technological flexibility to deal with future crises. But to combat the ‘unknown knowns’ of the future, cyber-approaches that complement these new technologies should be seen as a core element of business continuity planning. By implementing advanced approaches such as Zero Trust and SASE, the level of automation (including artificial intelligence and machine learning), can be increased, ensuring that hardware and applications are resilient around the clock.

These new tools and platforms can be added rapidly and scaled up and down with less concern for increasing the level of vulnerability of an organization.

Securing the new way of working

In reality, we’re already in ‘the future of work’. Work now ‘comes to you’, and not the other way around. This final phase will only increase the importance of cloud-based solutions and have lasting consequences for the work environment – from commercial real estate and office layouts to hot-desking and to the increased flexibility of work-from-anywhere. Organizations will be placing greater emphasis on automation to tailor web-based platforms, such as portals and supporting web applications to the individual needs of employees and customers. As such, a secure-by-design approach that takes into account each user’s unique needs and deploys AI-driven, context-based security will give customers and employees confidence that their interactions and data are secure.

According to the 2019 Gartner Top Technologies and Trends Driving the Digital Workplace, ‘over the next several years, the greatest source of competitive advantage for 30% of organizations will come from the workforce’s ability to creatively exploit emerging technologies’. COVID-19 has resulted in the most rapid workplace transformation in modern history, and it’s served as a wake-up call for traditional security and business continuity practices. The new workplace has made us think about improving remote worker security and application access in the event of a problem. And the benefit is we’re now better prepared to move into the future.

2020 Global Threat Intelligence Report for more insights on the latest trends in cybersecurity here: https://hello.global.ntt/en-us/insights/2020-global-threat-intelligence-report 

John Karabin

John Karabin

Director of Cybersecurity, Australia, NTT Ltd.