Cybersecurity has become a growing priority and focus of late, partly as a result of the Colonial Pipeline cyberattack in the US.
However, there have also been risks associated with new working patterns. As employees manage hybrid and remote working, there are more cyber risks because IT support can’t easily access hardware and afflicted computers when remote.
This issue has been punctuated by surprising demographics falling victim to cyberattacks.
A report by National Cybersecurity Alliance and CybSafe found that all generations are at risk from cyber threats. After polling 2,000 people in the US and UK, the study found that 44% of millennials and 51% of Gen Z have experienced a cyber threat, while 21% of baby boomers have experienced a cyber threat.
Additionally, fewer than half of respondents (46%) say they use a different password for important online accounts. This led the study to conclude that the general public is failing to adopt or understand cybersecurity best practices.
The study also found that incidents frequently go under-reported and training is absent for most employees.
Speaking about the results, Lisa Plaggemier, Interim Executive Director, National Cybersecurity Alliance, stated: “The cybersecurity threat landscape is as complex and diverse as it has ever been.
“The daily headlines of data breaches and ransomware attacks is a testament to the problem getting worse, yet most people aren’t aware of the simple steps they can take to be a part of the solution. It’s critical to have a deeper understanding of both the challenges we face and the prevailing attitudes and behaviors among the public.”
The challenges facing cybersecurity teams are clear, but tackling these issues is not a simple task.
As a result, Charlie Acfield, Technical IT Director at Totality Services, London’s leading and award-winning IT support expert, has discussed what problems staff need to overcome and what they can do to mitigate these issues.
Acfield identifies three key areas that need to be addressed.
1. Remote company data access
Acfield states remote company data “creates the most prominent risks.” This is because the hardware that staff use can’t easily be accessed by IT staff and IT can’t control the network security settings that staff use.
2. Personal/unmanaged device usage
There are also concerns around personal and unmanaged devices accessing company data from unsecure networks, which Acfield notes can present a risk.
3. On-site business application
Finally, Acfield notes: “Particularly problematic are legacy line-of-business applications which more often than not reside on on-premise company servers”
Expert tips for cybersecurity
Many of these issues will be familiar to IT security staff, but Acfield offers tips on how staff can be compliant with HR regulations and what needs to be communicated better to employees.
1. Protect cloud platform
Acfield recommends implementing multi-Factor Authentication (MFA), encryption, and preventing staff from downloading data to unknown/personal devices.
2. Device security
There is also a need to use services such as Domain Name System (DNS) protection and have a permanently working VPN back into the office or data center.
This kind of protection can simply verify whether a website is legitimate and reduces the chances of successful phishing attacks.
3. Migrate on-premise applications
Acfield explains: “On-premise applications can often be migrated to cloud platforms such as Microsoft Azure Virtual Desktops which can provide far greater security and flexibility than is possible on traditional corporate networks and servers.”