As government agencies and organizations embrace hybrid work models, they must actively adopt security strategies to protect against threats.
The world heavyweight champion Mike Tyson famously quipped, “Everybody has a plan until they get punched in the mouth.” Tyson’s statement rings true not just in boxing, but in cybersecurity as well. Even the strongest cybersecurity plans should be reexamined long before any punches are thrown — and this is more important than ever as a more hybrid approach to work is expected to continue for the foreseeable future. According to a CNBC survey of executives at major US companies, 45% of companies expect to lead with a hybrid workforce model in the second half of 2021.
Organizations may feel protected against cybersecurity threats with solutions such as virtual private networks (VPN) or virtual desktop infrastructure (VDI), but these solutions are vulnerable to common cyberattacks that can pack a devastating punch.
As hybrid work models become the new normal, federal agencies and commercial organizations alike should examine new approaches to cybersecurity, such as continuous, active monitoring and zero-trust access, to ensure their cyber defenses work reliably no matter where their employees perform their work.
Challenges With Standard Approaches to Security
Many organizations have turned to virtualization — VDI or cloud-native applications — to reduce the amount of data stored on endpoints, thus reducing the risk of data exfiltration from physical asset loss. Unfortunately, this approach has provided a false sense of security about endpoint protection and the residual risk to enterprise assets. While data extraction is a significant risk, malicious injection of key loggers, advanced persistent threats, and other coordinated attacks against broader enterprise resources are potentially more damaging to organizations.
Hybrid Work and Its Unique Challenges for IT Leaders
Teleworking scenarios compound enterprise security concerns by reducing physical protections and expanding user access to compromised access points and/or networks, while providing organizations with fewer insights into user behavior when employees are not connected to corporate networks. Organizations lack insight into device status and the ability to control security configurations until devices are decrypted, fully booted, and connected to enterprise monitoring tools — even then, many tools are only used for post-event investigation. Users operating in a “disconnected state” could be subject to a number of malicious activities, intentionally or unknowingly, such as a USB compromise, microphone and camera driver attacks, and network spoofing.
According to recent research from Gartner, by the end of 2021, 51% of all knowledge workers, or individuals whose jobs involve handling or using information vs. physical or manual labor, worldwide are expected to be working remotely, up from 27% in 2019. However, teleworking presents a unique challenge for CIOs and IT leaders as they attempt to ensure their employees remain productive while keeping sensitive data out of the wrong hands. Providing employees remote access to an organization’s networks and data creates multiple vulnerabilities and attack vectors,