The pandemic led to a seismic change in working patterns with a near overnight shift to remote work. This shift has created significant cybersecurity challenges for organisations and employers in almost every sector as they implemented a range of technologies to keep them up and running. The defence sector is no exception. If anything, the consequences of a cybersecurity breach in the defence sector may be even more pronounced than for any other industry.
The shift to working remotely dramatically increased the number of attack vectors IT teams had to deal with. Cybersecurity policies and practices were stretched beyond their original purpose to try and cover more locations, more devices, and more connections into the central network and data. Cybercriminals, malicious actors, and hackers were presented with a broader range of targets spread across a wider landscape with varying degrees of protection.
Nearly every industry has experienced an acceleration in high-level cybersecurity breaches and faced potential risks from incomplete security policies and procedures during the pandemic. The upheaval it caused should serve as a catalyst for organisations to scrutinise their exposure to IT risk of all kinds—particularly risk from remote, distributed work—and how prepared they are to manage, mitigate, and prevent risk in the future.
The findings of the SolarWinds IT Trends Report 2021: Building a Secure Future reveal the change in organisational structure during COVID-19 to facilitate remote work as a major concern for overall risk exposure. A fifth of public sector tech pro respondents (18%) flagged remote work policies as a major associated risk-inducing factor. Remote working also gave rise to concerns over the exponential growth of data as a result of new working from home and the potential risks from distributed workforce/employee relocation.
The implications for security haven’t gone entirely unnoticed. Fifteen percent of respondents said the accelerated shift to working remotely was the number one aspect of their current IT environments increasing their risk exposure, followed closely by incomplete or inadequate security policies (13%).
Understanding Cybersecurity Risks
Countering these threats and challenges requires several changes and improvements. First and foremost, defence organisations need to develop a greater awareness of the cybersecurity risks they face. This requires a better understanding of the IT environment to help them uncover the areas of risk, which has been made harder by the changes to the nature of the IT environment caused by remote working. Unfortunately, some organisations across all sectors still don’t appreciate the extent of the cybersecurity risks confronting them.
The reality is, many may be more exposed to cybersecurity risks today because they were under pressure to ensure optimised, secure performance for remote workforces but had only limited time and resources to achieve this goal. The danger is the risk could be compounded by apathy and complacency over how prepared they are to mitigate those threats after a year of operating in pandemic-driven “crisis mode.”
There are several things that can be done to help address the cybersecurity risks facing organisations in all sectors as they create their post-pandemic working models.
They can improve visibility into the network and protect the broader attack surface from remote working by integrating security systems. Organisations can help keep employees safe from malicious threats by using applications and devices with built-in security and making robust security settings the default option for applications they develop themselves.
Automation and AI are Key Factors
Automation can be an effective means for organisations to overcome limited personnel and resources to continuously monitor for threats and improve cyber protections. This could include tools to scan web applications from the outside to look for security vulnerabilities such as cross-site scripting, SQL injection, command injection, path traversal, and insecure server configuration. But without people, tools can be ineffective. For example, if a possible threat is detected, relevant information needs to be shared across the organisation, so everyone can take steps to minimise risk.
As we look to a world beyond the pandemic, AI/machine learning, and automation could become key areas for investment and upskilling. More than a third (35%) of public sector respondents to the SolarWinds IT Trends Report 2021 ranked AI/machine learning as one of the top three technologies most critical to managing and mitigating risk within their organisations, only slightly behind security and compliance on 40%.
Putting People First
Nevertheless, it’s important to acknowledge the first defence against cyberattacks for any organisation is its employees because most of the risk is targeted at them and designed to exploit their behaviour. This clearly has the potential to be even more of a concern with so many working remotely and in isolation from the organisation.
To navigate the post-pandemic reality, organisations need to examine current processes from the outside in and deploy IT solutions providing comprehensive visibility into systems to identify areas of risk and opportunity. Even small changes like faster upgrades and patches, and the use of password managers and multi-factor authentication solutions, can strengthen an organisation’s overall security posture.
It’s also important to recognise the hybrid IT reality created by the pandemic, where fragmented policy, configuration, visibility, and threat surfaces reach from on-premises data centres to the cloud, IoT, and beyond. Against this backdrop, organisations need to ensure there’s a strong sense of aversion to any level of risk exposure. Across all sectors, particularly defence, they need to be prepared for worst-case scenarios if they want their defences to be as strong as possible.
The best way to achieve this is to have a clear understanding of their IT environments, so they can counter and mitigate the cybersecurity threats ranged against them. Knowledge and awareness are still two of the most important weapons in the battle against cybercriminals, hackers, and malicious actors.
If you would like to join our community and read more articles like this then please click here