On 2024-01-23
by Lionel Garacotche, Technical Office Leader for IT Cybersecurity Architecture at Airbus Protect
Cybersecurity

Expectations vs. Reality: Cybersecurity and Remote Working

Expectations vs. Reality: Cybersecurity and Remote Working

Remote working is not a new area for IT and cybersecurity experts, however in the last few years it has now been pushed to the forefront and become a hot topic that organisations globally must consider. From where we are currently sat, this change looks like it may be the new normal, and it is not switching back anytime soon.

From where we are currently sat, this change looks like it may be the new normal, and it is not switching back anytime soon.

Summary

Why is remote working so significant?

When the pandemic unexpectedly arose organisations were not fully prepared and the supporting infrastructures for this change were not in place. Despite this, the world continued to move, and so as a result various ways of connecting to an organisation’s facilities spawned; this has extended the attack surface to a never seen before level. With organisations’ work from home dynamic remaining, this threat remains significant.

From the technical perspective, three main scenarios have spawned:

The ‘No Trust’: Assets that can be only used with a Virtual Private Network (VPN) on and no side communication is allowed, just like an inside asset, as controlled and hardened as it should be.

The ‘Partial Trust’: Assets that allow the user to have a side activity (controlled by CASB (Cloud Access Security Broker), EDR (Endpoint Detection and Response), etc.), but ask for a connection when the activity is around office work and company data.

The ‘Whatever’: Bring Your Own Device or uncontrolled assets, but with access only to ‘public’ apps or through Virtual Desktop Infrastructures to gain access to internal apps.

 

Why is the technical side of things relevant?

Although some organisations can maintain control, varying scenarios highlight the dispersion of control that the majority of organisations now face. The importance of control here directly links to risk. Risks in an uncontrolled environment are harder to manage and thus organisations now face a higher potential that cyber threats are successful, compromising the company in a number of ways. This is a vital consideration for Critical National Infrastructures, where the result of such a threat can be detrimental.

The technical perspective does not solely pose the threat. Human factors are also a large contributing factor that must be considered.

 

How do organisations control human behaviour?

When we move to the user side, we notice that not everybody is at the same level of security awareness, particularly when thinking about working in public spaces. It might seem obvious to not speak loudly about data or sensitive projects in public spaces, to lock sessions, to be sure that nobody can see your screen, etc., but it’s not. 

For that, organisations need to teach and emphasise on the consequences of those behaviours. And at the same time, must be sure that their detection systems can handle user behaviour and take that into account. The specificity of critical functions must also be considered and organisations must be sure that security is at the right level. 

It’s always hard to determine what the future will look like, but we know for a fact that remote working will remain. Organisations have to focus on being sure that employees are aware and understand the increased threat level we’re facing. Cybersecurity Operators should quickly support employees in case of suspected security incidents, and messages should be reinforced around threat, risks, and behaviour, and provide guidance, and help users with assets that fit properly to their needs without weakening security.

On another end, organisations should consider robust controls over configurations and functions, be prepared to enhance identity and authorisation checking, harden filtering and systems, and be sure that no bypass to the crown jewels actually exists. 

 

Remote working doesn’t mean that everything is wide open to the world, the access should, au contraire, be tighter than ever.

Considering the high risk that is posed through passively implementing remote working, incorporating a well defined preventive plan is vital in combating cyber risk from adverse actors. Technical and human factors will always pose a risk in remote working, but how a company plans to deal with those risks is what makes the difference.

 

If you liked this article and would like to learn more contact us.

  • Share

More on Cybersecurity

Ship on the ocean Cybersecurity

What is Export Control? A Well-Kept Recipe!

Are you sure that you are authorised to sell your products to foreign companies and to domestic ones established in foreign countries? Have you checked whether all the components and subsystems of your product can be exported ? Are you certain that you are allowed to share technical information with your foreign interlocutor ? Having[...]

Read more
understanding digital risk management Cybersecurity

Digital Risk Management: A Business-Aligned Approach

Organisations today face a complex and evolving array of risks that require effective management. Some are inherently digital, while others are traditional risks amplified by technology. From cyberattacks to technical disruptions, these threats pose significant challenges for businesses, holding the power to impact operations, finances, reputation, and ultimately bottom line.  To safeguard their future, organisations [...] Read more
Airbus Protect explains Vulnerability Management Cybersecurity

Airbus Protect explains: Vulnerability Management

What is vulnerability management? Vulnerability analyst Pierre Louis Gensou explains. Vulnerability management and vulnerability intelligence are crucial elements of IT security. As a vulnerability analyst, my role is to identify security flaws, assess their impact on the components we monitor, and inform customers of the associated risks. What is a vulnerability? When we say "vulnerability", [...] Read more