Data from the survey also shows that cyberattacks continue to plague Canadian organizations in every sector. In the last 12 months, 44 per cent of cybersecurity professionals say their organization has been hit by a cyberattack (either attempted or successful), and 22 per cent say their organization has been victimized by a successful ransomware attack. During the same period, just under three in ten (29 per cent) say their organization experienced a breach of its customer and/or employee data.
While the pivot to remote work is just one piece of the puzzle, there’s no question it has altered the cybersecurity landscape for many Canadian organizations by increasing the number of endpoints in the network and expanding the attack surface for would-be hackers. It also has the potential to expose organizations to additional cyber threats that are not typically seen in a traditional office setting.
For example, remote/hybrid working can mean employees’ personal devices, many of which are not equipped with adequate endpoint protection, are being connected to the corporate network, increasing the risk of malware being propagated. Poorly secured home Wi-Fi networks are another potential vulnerability, as is the use of consumer-grade platforms for file sharing, many of which lack the levels of encryption and protection provided by corporate IT systems.
Mitigating the security risks of the hybrid work model
There are some proven key steps you can take and security systems you can put in place to protect your remote employees and your organization from ransomware, phishing scams and the latest type of malicious software designed to compromise your network and your data.
Firewall solutions, virtual private networks (VPNs), and two-factor authentication are all great tools for keeping hackers at bay. But it’s also critical to ensure that any security measures you implement, however effective in theory, are bolstered by comprehensive cybersecurity awareness training for all your employees. No cybersecurity solution can be relied upon to neutralize every single cyber threat, so it’s critical that your people are properly trained to recognize and report phishing, ransomware and other types of cyberattacks.
Cybersecurity is a moving target and there’s strong evidence to suggest that the rise of hybrid, remote, and other non-traditional ways of working are introducing new complexities into the mix. But by investing in cybersecurity solutions that take these complexities into account and ensuring your employees have ongoing cybersecurity awareness training, your organization and your data will be protected, and your employees will be well prepared to deal effectively with any threats they do encounter before any damage is done.
Learn more about the new off-network protection feature in the CIRA DNS Firewall, which protects users when they’re not connected to their corporate network.