In 2020, the world witnessed a dramatic shift to remote working. At present, nearly half (47%) of the UK workforce works remotely.
And although things will likely change once COVID-19 pandemic is defeated, the world of work has been permanently altered, with 86% of employees stating that they hope to continue remote and flexible work patterns post-pandemic.
Although there are many benefits to remote working, 2020 has made it abundantly clear that remote work creates cyber-vulnerabilities that businesses of all kinds need to resolve.
Since the beginning of the pandemic:
- Brute force attacks targeting RDP endpoints have risen by 400%.
- Spear phishing attacks are up by 667%, with a notable increase in Emotet phishing attacks on UK and US organisations.
- Malware has become an increasingly prominent threat, particularly for the retail and manufacturing industries.
- Ransomware attacks have risen by 72%.
It’s clear that remote work is here to stay, so addressing these threats will be critical to the future of business. Of course, accommodating remote working has always been a long-term goal in cyber; 2020 has simply accelerated the need to resolve the associated pain points. Fortunately, our current circumstances have also increased the availability of effective security solutions.
Suggested reading: If you want a more detailed breakdown about the 2020/2021 threat-landscape, and how to prepare for the future of cyber security, check out our free report — Planning for the Future of Cyber Security Today.
The current risk landscape
When employees are working outside of the physical office space, the usual network protections are no longer effective. Over the past year, we’ve seen remote working and Bring Your Own Device (BYOD) policies force many businesses into a less-than-ideal situation, with team members accessing sensitive information through unsecured networks and devices. The shift to remote work has also accelerated cloud migrations, and more critical applications are now running online.
There are a lot of cyber security trends to watch in 2021, but figuring out ways to accommodate remote working has to be near the top of the list. The current ‘perfect storm’ makes businesses more vulnerable to cyber-attacks than ever before, and finding solutions needs to be a top priority.
Types of attacks
Each type of attack is different, and not only are the numbers of attacks on the rise — the kinds of attacks taking place are changing.
- Brute force attacks: Brute force attacks have increased dramatically since lockdown measures took hold, largely due to businesses deploying more Remote Desktop Protocol (RDP) systems. The highest ever number of brute force attacks occurred in Italy in March 2020.
- Phishing attacks: Phishing attacks account for nearly 80% of all cyber-attacks on businesses, and 56% of IT decision-makers state that phishing is their top security threat. The average cost of a phishing data breach is around $3 million, and up to 60% of small-to-medium-sized businesses go out of business following this kind of attack.
- Malware: Hackers use malware, which is often delivered through email via a link or file, to gain unauthorised access to a network and/or cause damage to data and systems. As of 2020, 28% of attacks involve malware.
Knowing who is likely to attack you and why is important to investing in the right defences. And although there have been changes, broad trends remain unchanged. An overwhelming 86% of all breaches are financially motivated, and 7 out of 10 breaches are attributed to external actors. What’s changed is how employees are accessing the system — and that means creating solutions for remote access.
The cyber-safe solution to remote access
Our suggestion for overcoming the challenges of remote access is two-fold: endpoint security and a managed detection and response service. Here, we’ll zoom in and take a look at each of these points in more detail.
The technical part: Endpoint security
Endpoint security is an approach to cyber defence that focuses on ‘endpoints’, or end-user devices, such as desktops, laptops, mobile phones, tablets and servers. Each of these endpoints is an attack option for cybercriminals. Ultimately, endpoints are particularly vulnerable to attack, as they are where the most valuable data is often the least protected.
Within a remote working and BYOD context, it’s impossible to appropriately harden each of these ever-changing endpoints. Endpoint security turns this problem on its head by aiming to protect the system as a whole, rather than each endpoint. It does this by controlling the flow of information between endpoints and the wider system.
Endpoint cyber security effectively centralises security while decentralising risk — delivering an overarching view of your distributed network with cloud-based tools that remove the need for local devices to do the heavy lifting. This brings the additional benefit of unburdening end-users’ devices of the bloat associated with initial deployment and ongoing management locally.
The outcome of endpoint security is a more flexible system that can accommodate new devices without changing your exposure to risk. This is critical to modern remote flexibility. However, endpoint isn’t enough on its own.
Pro tip: There are a lot of endpoint security tools. However, if your business uses Microsoft Windows, Microsoft Defender for Endpoint is the only vendor on the market that can provide built-in endpoint capabilities integrated with the operating system (OS). This creates a differentiated advantage worth investigating.
The people part: Managed detection and response
An endpoint security system will deliver significant flexibility and functionality. However, it can’t remediate threats on its own. The real goal of an endpoint system is to isolate threats and generate an alert so that action can be taken.
What you need is an active detection and response team that can jump into action at a moment’s notice to prevent an attack from turning into a breach. It’s this double-sided combination of the right technology and the right people that can deliver a security system that’s actually able to keep you safe within a remote working context.
There are two ways to deliver the kind of response capabilities that you need. First, you can build a response team in-house. It’s important to have some cyber security skills on hand. However, there are distinct benefits to outsourcing this specific task to an MDR (Managed Detection and Response) provider. Two standout reasons are:
- Economies of scale: Your business isn’t cyber security. For a cyber security provider, it’s all they do, every day. This brings a number of efficiency benefits that drive down costs. This is particularly true for MDR. It takes far fewer resources to monitor a system than to respond to a breach. In-house, you’d need all of the response skills on-call, at all times. For an MDR provider, they can share resources between customers and provide you the skills you need, only when you need them.
- Cyber security skills shortage: Access to the right cyber-skills is an increasing problem, and it’s getting harder. It’s estimated that there will be 3.5 million unfilled cyber security jobs globally by 2021. Working with a service provider gives you access to the hard-to-find experts you need to keep your network safe, bypassing the need to hire and retain your own talent. You can read more about the cyber security skills shortage here.
No matter how you access the skills required to create a response team, what’s important is that you have the people on hand required to effectively deploy your endpoint security system and manage increased remote access without opening yourself up to vulnerabilities.
Suggested reading: Four Ways Strategic Partnerships Improve Cyber Security.
Keeping up with the demands of remote work
There’s no question that the world of work has changed, and cyber needs to keep up. However, many solutions that aim to make your remote working more secure are both short-term and short-sighted. Your goals shouldn’t be reactive — they should be flexible, sustainable and future-proofed. In short, when making any type of investment, you need to think about how it will help outcomes in both the short-term and the long-term.
After all, cyber security is not a destination — it’s a journey. This means staying vigilant, conducting cyber security risk assessments, and always updating your system. However, the more flexible your system is, the better it will be at delivering long-term results — and this means embarking on your journey with an agile partner who can adapt and respond to the ever-evolving threat landscape, as well as your business’s unique needs. Ultimately, this flexibility is the key to keeping your systems secure, both now and in the future.
At Six Degrees, we deliver many cyber security services, including a managed detection and response service for Microsoft Endpoint Defender. Our solution is highly flexible, enables easier accommodation of new devices and delivers robust outcomes overseen by cutting-edge technology and human experts. We are outcome-focused and committed to delivering effective cyber security that will improve how you work and the types of products and services you can provide your customers. Get in touch if you want help building a safer future.
Subscribe to the newsletter today
By using virtual desktops, your organisation can achieve