Increased Security Initiatives Essential to the Future of Telework

July 28, 2020 — Many Americans will continue to work remotely for the foreseeable future, posing major security threats to institutions that are struggling to secure their digital workforces. In order to secure telework for the future, it is necessary for companies to boost security initiatives, sai

Increased Security Initiatives Essential to the Future of Telework
Image by NSWC Crane used with permission

July 28, 2020 — Many Americans will continue to work remotely for the foreseeable future, posing major security threats to institutions that are struggling to secure their digital workforces.

In order to secure telework for the future, it is necessary for companies to boost security initiatives, said Tim Lemaster, director of systems engineering at Lookout, in a virtual conversation sponsored by the Government Executive Media Group on Monday.

Another threat facing the future of telework is a lack of internet accessibility and resiliency.

Issues like network latency and connectivity could cause problems, said Michael Geraghty, chief information security officer for the state of New Jersey.

For most organizations, the pandemic has been a major test of cybersecurity controls and policies.

A Tripwire survey of cybersecurity professionals revealed that 94 percent have become more concerned about security since transitioning to working from home.

The COVID-19 crisis has fueled the adoption of remote connections and the use of personal devices on unsecure networks, increasing cybersecurity risks.

The use of personal devices for telework makes it more difficult for employers to understand the scope of their attack surface.

Difficulties such as this led to 89 percent of cybersecurity professionals claiming that working from home made successfully executing security initiatives more difficult. Further, 64 percent reported that visibility of assets was more difficult with employees working from home.

Security threats facing telework forces also include increased ransomware attacks, the lack of security of employee home networks and phishing and social engineering attacks.

Panelists recommended increasing cybersecurity controls in response to the telework security issues raised.

They contended that increasing visibility of assets was crucial, as providers need better visibility to understand everything connected to networks in order to give sufficient review to new or personal devices being utilized.

Geraghty recommended cyber security experts build upon best practices laid out by organizations like the Cybersecurity and Infrastructure Security Agency.

Panelists agreed that user education is crucial in combating telework security issues.