Cyber-attacks have surged by more than 400% over the last year, with these attacks becoming more intelligent and continuing to grow.
IT teams worked hard to stabilize security measures in the dramatic and fast shift to entirely remote workforces two years ago. With many companies adopting a hybrid model, IT teams should prepare to pivot to support a new kind of workforce.
Below are 4 major considerations for IT leaders as they prepare to support and protect a hybrid workforce.
Defining BYOD Policies
The “Bring Your Own Device” (BYOD) movement refers to employees being allowed to utilize their own personal devices, such as laptops and phones, for work rather than using company-owned devices. For employees working both at home and in-office, it’s convenient to not lug equipment back and forth if employers aren’t providing equipment for both at home and in-office.
However, some businesses may need to enforce restrictions regarding personal devices based on their security needs. Companies should create clear policies defining whether they will allow employees to utilize personal devices, and what their conditions and additional security measures may be, if so.
The use of personal devices for business means some companies may need to invest in additional security measures across both company-managed and personal devices. As companies adopt ways to ensure security measures are in place, such as scanners to detect apps that contain vulnerabilities, it’s important that they still respect user privacy.
Update Risk Assessments
Many organizations are recommended to perform vulnerability and/or penetration testing at least once per year. While many organizations have been out of their offices for extended periods of time, some risk assessments may be outdated and should be performed again prior to employees returning to the office.
LaSalle Network recently hosted a virtual panel, Insights from Ethical Hacking, in which Ted Harrington, No. 1 best-selling author of Hackable: How to Do Application Security Right, and James Holley, former Chief Information Security Officer at Caterpillar Inc., discussed the most valuable ways companies can perform these assessments and protect themselves from risk. Click here to download the recording of the conversation.
Breaking Poor Security Habits
Safe security practices regarding personal and company technology may have slipped. Retraining employees on appropriate security procedures for both personal and company devices will be important to preventing successful breaches.
Especially during periods of transition, employees may be targeted with increased numbers of phishing emails mimicking members of their Human Resources team. Consider hosting a virtual security training for all employees on what to look for. It may also be helpful to simulate fake phishing attacks to employees at random to identify who may need additional training.
If not already, companies should consider utilizing multi-factor authentication to bolster their network security when employees are not onsite. As one of the most effective solutions to protect against attacks, this can help further secure remote employees’ network access.
Investing in IT and Cybersecurity Talent
Chief Security Officers (CSOs) around the world are building out teams of highly skilled cybersecurity experts to reinforce the organization’s security posture. IT and security teams have been stretched to their max after transitioning employees to a remote workforce and mitigating a myriad of technological issues across as many networks as there are employees. As IT support may be wearing thin from the increased demand, consider building out the team further to help secure and strengthen the business’ network.
Adding valuable and specialized talent can not only strengthen the team and help protect the business from potential issues, but it can help prevent turnover by helping spread workload to be more manageable. With many companies accelerating technological advancement and digital innovation to remain agile and competitive in today’s market, skilled IT and cybersecurity professionals are predicted to remain in high demand for years to come. To learn the top cybersecurity roles businesses are recruiting for now, click here.
While businesses are navigating a great deal of risks and change, security should remain top of mind as an essential part of every company’s office re-entry planning.
If adding headcount is a part of the plan to strengthen your workforce, let us help. Get connected with us here.