By Mariam Clementson ,
Sales Leadership - Manager: Consumer & Commercial
30/03/2022 · 3 minute read
Ever since the emergence of Covid-19, the need for working remotely has increased drastically. A remote working environment may have been a challenge for many organisations, given the vast amount of preparation required to shift workforces to remote working environments in a short period of time, but many employees and employers also experienced benefits of remote working such as:
The pandemic certainly changed the ways of working and employees have now come to expect a level of flexibility when it comes to their work environment. Employers that are able to adapt to this new way of working and provide their employees with flexibility are more likely to attract and retain top talent.
Among all the positive aspects of working from home, there are also risks that organisations may face, cyber security risks and online threats are chief among these. Employees do not necessarily have the same level of cyber security on their computers and mobile phones when they are working remotely, as they do at the office, which likely increases their exposure to cyber security threats. Organisations will need to manage this quickly to avoid cyber security breaches.
As organisations transition to the new ways of working, the resulting changes to the company’s cyber security risk profiles must be repeatedly assessed and monitored.
Your risk management and business personnel should work together to re-evaluate cyber security budgets and prioritise investments to improve a company’s cyber resilience in line with its risk tolerance.
Start with measures that can be implemented immediately such as:
Examine new security tools and requirements for sharing and maintaining private information with vendors.
For example organisations may need to adopt:
Ensure that vendors that aren’t currently prepared for heightened cyber-attack risk commit to developing cyber preparedness plans to safely handle information or interact with your company’s network.
Finally, develop instruments to understand how your security programme changes reduce cyber security risks after each initiative is rolled out. This is not a one-and-done exercise; organisations need ongoing agility to hit what is a decidedly moving target.
Employees need to be informed of new cyber risks and reminded of their role in effectively preventing, detecting, responding to, and recovering from cyber-attacks.
Design role-based training programmes and exercises to raise the awareness at every level of new and changed cyber risks introduced by increased remote working. Training programmes should cover new threats, rules for approved device and data use, and processes to report suspected cyber incidents.
Engage in walk-throughs and simulations for new cyber-attack scenarios armed with playbooks that provide clear guidelines for required actions, including when (and to whom) decisions should be escalated. By doing so, teams can identify shortcomings that must be overcome in order to respond effectively to cyber-attacks.
Much of the operational shift that has occurred as a result of the pandemic will outlast the immediate crisis and aftermath. To adapt securely, organisations need to understand how their cyber risk profiles have changed and must revamp their strategies, training, and exercises to address threats and minimise risks.