It has been reported that, according to new research, cyber attacks due to working from home have cost businesses £374million since the Covid crisis began. A survey of top finance and risk professionals at UK-listed companies found almost two-thirds of firms had suffered a cyber attack or data breach in the first 18 months of the pandemic. The majority of these attacks – 82 per cent – could be attributed to tech issues or behaviour related to working from home.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>It should be no surprise that the massive, global shift to working from home has changed the cybersecurity landscape. It’s simply not possible to make a shift like that without dramatically changing the attack surface, and attackers are often able to adapt more quickly than organizations with other priorities.</p>
<p>With 87% of organizations being concerned about changing regulatory compliance this year, there will be a strong need for compliance expertise. It’s incredibly difficult to keep up with changes in the regulatory environment, and most organizations are subject to more than one standard. Combining expertise, internal or external, with increase automation is the only way to survive the increased regulatory pressure.</p>
<p>The results of this recent survey, which found that 82% of those who reported a breach say it resulted from “tech issues or behaviour related to working from home” are, unfortunately, not surprising. Over the past 18 months, Cato Networks\’ researchers <a href=\"https://u7061146.ct.sendgrid.net/ls/click?upn=4tNED-2FM8iDZJQyQ53jATUct9oZDPc-2F6YpB0QtpNfb14gNIB3FVuJRE5fxtj1CgLEljr5P1NlXE44s-2FLigAikm13B4d6fnTz9R4B9pFYbt5zMmq-2F-2BmGo8qs0KRIXHIjfR2pGTvPXc1H9EiK8oId79MEVGyhRZrAiabVf-2BQaYRkrR3pzmuCQtT8knqXQnq2zGBIwQ0vrqaD84PFSqf28n-2FybDsU9oFZTZaTwDUx1SeVps-3DzLD5_S3RA1gMvL7v1TdZrqvF2X48vY2LyH9KYdxKxBaPFp6Fl1TEEsXDQbgk-2FWPw9Ah5nwh5z3HPLIw79cePUeHvYGbACtpGEOUo9gKA7RdPV7CHYnRZ1BgjoepqPsAq5T4X7K-2Bw26wspumVv2xNKnDUQkYq-2BbQWyqMQKCImzeLk2NhiVeAzBKsIDIewCki-2BCrG0ojs-2B-2B5Apxa2XQOgUm0opbdIkDWKnfEeTuAeDwj-2BD-2BKbXMmwgTrnOr9vfPvDHLTPgVuW5rxwPOqKz9lCnqr0G0XWUdtudKjIpHi8-2BqAWN5gGM-2FqrgktzU-2Fj2LCp1qZ3aqNfHqq8R67mIzuxuUMYK0L53YFLL0uIStJlXzBh56oLpPAyjXXtjcIBH-2BAjEx16aLg\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://u7061146.ct.sendgrid.net/ls/click?upn4tNED-2FM8iDZJQyQ53jATUct9oZDPc-2F6YpB0QtpNfb14gNIB3FVuJRE5fxtj1CgLEljr5P1NlXE44s-2FLigAikm13B4d6fnTz9R4B9pFYbt5zMmq-2F-2BmGo8qs0KRIXHIjfR2pGTvPXc1H9EiK8oId79MEVGyhRZrAiabVf-2BQaYRkrR3pzmuCQtT8knqXQnq2zGBIwQ0vrqaD84PFSqf28n-2FybDsU9oFZTZaTwDUx1SeVps-3DzLD5_S3RA1gMvL7v1TdZrqvF2X48vY2LyH9KYdxKxBaPFp6Fl1TEEsXDQbgk-2FWPw9Ah5nwh5z3HPLIw79cePUeHvYGbACtpGEOUo9gKA7RdPV7CHYnRZ1BgjoepqPsAq5T4X7K-2Bw26wspumVv2xNKnDUQkYq-2BbQWyqMQKCImzeLk2NhiVeAzBKsIDIewCki-2BCrG0ojs-2B-2B5Apxa2XQOgUm0opbdIkDWKnfEeTuAeDwj-2BD-2BKbXMmwgTrnOr9vfPvDHLTPgVuW5rxwPOqKz9lCnqr0G0XWUdtudKjIpHi8-2BqAWN5gGM-2FqrgktzU-2Fj2LCp1qZ3aqNfHqq8R67mIzuxuUMYK0L53YFLL0uIStJlXzBh56oLpPAyjXXtjcIBH-2BAjEx16aLg&source=gmail&ust=1643816881411000&usg=AOvVaw1plmt7E-02vx-TTaSoavpH\">observed</a> a significant increase in shadow IT, usage of corporate systems for non-business related activities and the usage of personal, unsanctioned devices for business purposes.</p>
<p>Threat actors have identified this weakness, which is also due to legacy networking and security strategies, and have targeted home offices and remote workers for their initial point of entry into organisations\’ networks. Remote workers who have not changed default passwords, remote desktop software and malware infections have been just some of the tools of the trade. Businesses today realise that the affects of the “long (IT) Covid” are not going to go away, and that a new approach to securing the remote workforce, collaboration tools, unsanctioned devices and application and more must be adopted. Threat actors have already made their adjustments.</p>