Hybrid working is increasingly being echoed by companies as a connectivity solution during the pandemic. However, after the pandemic is over, it is believed that hybrid working will become a new work culture where employees will return to work from the office, while others will work from home or remotely (remote working).
Based on the Global Workplace Report 2021, only 43.2% of employees believe that company information data is kept safe when they work from home. This figure is considered very low considering that since the beginning of the pandemic, employees have worked flexibly. This shows that most businesses are still struggling to install the right security tools and resources to ensure company information is kept safe when they start working with hybrid systems.
Cyber Attack Trends in Indonesia
It is no longer a secret that in Indonesia, from 2020 to 2021, cyberattacks have increased very rapidly. The targets of cyberattacks are increasingly widespread and random, ranging from large companies to small businesses.
According to the National Cyber and Crypto Agency (BSSN), there were around 888,711,736 cyber-attacks that hit Indonesia from January to August 2021. This figure has doubled compared to the previous year. For comparison, the number of cyberattacks that occurred in Indonesia was 290 million in 2019 and 495 million in 2020.
In Indonesia itself, not a few companies are victims of data breaches. Starting from enterprises to MSMEs, even government organizations have become victims.
With the implementation of hybrid working, workers not only have to adapt to new work patterns, but also have to adapt to ways of working that are safe from the threat of cybercrime.
3 Cyber Attack Trends in Hybrid Working Patterns
Companies can address and reduce the threat of future cyberattacks only by taking a more proactive and forward-looking attitude. Over the next two to three years, The Wall Street Journal forecasts three major cybersecurity trends across multiple technologies with the greatest implications for enterprises. Here are some of them.
1. Company Information Data Theft
hybrid working pushes companies to rely on high-speed data access. The company certainly has a large database, but it is not accompanied by the adoption of integrated data technology. This causes corporate data to spread across multiple platforms and exacerbates possible cyberthreats.
In 2020, the average person on Earth creates 1.7 MB of data every second. With more and more data traffic, companies are increasingly responsible for storing, managing, and protecting that data.
To run secure hybrid working systems, companies need new technology platforms, including data lakes that can collect centralized data information, and store it in the cloud. This can provide easy and secure access to workers, companies, and third parties.
2. Malware, Ransomware, and Phishing
Over the next few years, hackers will be faster to break into data from a week to a day and even hours from reconnaissance to data exploitation.
For example, Emotet is malware that usually attacks banks and can change the nature of the attack, making it undetectable. Hackers send contextual phishing emails by hijacking emails related to customer data and internal company data.
Other technologies and capabilities make attacks more diverse, as ransomware and phishing have doubled every year since 2019.
3. Cybersecurity Risk Management Hasn’t Followed Digital Transformation
Many companies do not have sufficient cybersecurity talent, knowledge, and expertise. In general, cyber risk management has not followed the development of digital transformation and analytics, many companies are not sure how to identify and manage digital risks.
The solution to prevent unwanted attacks on the company is to apply strong, proactive, and appropriate protection to the work system used.
4 Applicable Tips for Hybrid Work Patterns
Here are four tips that companies need to consider to prevent the threat of cyberattacks when implementing a hybrid work pattern.
1. Implement Monitoring, Antivirus, and Firewall
Firewalls and antiviruses are the best way to prevent security threats from entering a company’s infrastructure. Both are basic security systems that must be owned by a company, especially those that implement remote working.
However, to use firewalls and antivirus, companies must always pay attention to updating each tool. Outdated or expired tools make company infrastructure more vulnerable. Viruses, ransomware, and other attacks can easily enter and compromise valuable data and information in the infrastructure.
To maximize the performance of the firewall and antivirus monitoring is required. Monitoring helps companies maintain the condition of every tool used. Users will receive notifications when the tools require updating and when suspicious activity is detected around the company’s infrastructure.
2. Managing Devices and Passwords
When a hybrid work system is implemented, all employees will be responsible for the security of their own devices or devices. If one device has a weak security system, it can affect the security of the infrastructure as a whole.
Therefore, always make sure that every password used meets security standards. Using a combination of upper and lower case letters, numbers, symbols, and spaces can be a good solution. In addition, changing passwords regularly is important as a way of maximizing security.
3. Implementing Zero Trust
Zero Trust is an act of always suspecting all parties involved in the scope of infrastructure security, from partners, employees to customers. By not trusting anyone and anything, companies are expected to implement more secure security protocols.
Implementing authentication on every access infrastructure, device, software, and others is one example. Having an authentication process on every device and tool can make it difficult for cybercriminals to retrieve the data on it.
In addition, companies are required to perform access efficiency. This means they always have to decide who can access company devices or tools, the fewer who have accessed the less risk.
4. Respond to Threats
When it comes to the security of infrastructure, it is not only security tools that play a role but also who use the infrastructure.
There are many cases where a company or organization has been hacked due to user negligence or ignorance of the existing threats. If the user does not know how to safely operate the device, then the security tools cannot do much.
Another thing to consider is the security of external devices such as flash drives or hard drives. Both devices are at high risk of carrying malware that can quickly infect your infrastructure.
For this reason, a company must socialize the procedures for operating the device safely. By telling what can harm infrastructure, types of attacks, and what can and can’t be done will greatly help reduce the risk of attacks.
By applying the four methods above, it is hoped that it can help secure the company’s infrastructure from various cyber threats. Even so, a more structured and organized security system is still needed to ensure the security of the company’s infrastructure.
It’s Time to Anticipate Your Cyber Attack Threat with CTI Group
For more security solutions based on company goals, CTI Group is here as a trusted digital solution provider to provide cyber security solutions in the era of hybrid working.
CTI Group is ready to help you adopt various types of cybersecurity support technologies from our 13 subsidiaries, complete with more than 100 world-class IT brands, as well as the support of more than 250 experienced certified engineers who will be ready to help the implementation of your IT security solutions run optimally and smoothly for 24 hours. /7. For complete information about CTI Group, contact us at firstname.lastname@example.org.
Author: Ary Adianto
Content Writer CTI Group