Employees nowadays do not intend to put their companies at risk. As such, they’ve spent the past year-and-a-half, doing their best to navigate the challenges of hybrid working, juggling new processes and procedures, all the while trying to get their job done.
By Bradley Pulford, vice-president and MD of HP Africa
The truth is though, Covid-19 has been a catalyst for cybercrime globally — and here at home — each passing day presents a fresh risk to business.
One of the biggest challenges that IT departments are currently facing, is making sure their cybersecurity protocols fit into existing employees’ workflows and patterns within the hybrid environment. If they don’t succeed, users may well put the company at risk by attempting to bypass critical security policies in efforts to make their remote working experiences easier.
It pays to be prepared
HP Wolf Security’s Rebellions & Rejections report, released in September 2021, highlights the tension between IT teams and employees working from home. The findings show how IT teams globally, have been forced to compromise security to ensure business continuity despite the rising threats, and that attempts to increase or update security measures for remote workers have often been rejected.
The report’s findings are particularly relevant to the African continent. A recent cyber security report by Liquid Intelligent Technologies (LIT), showed that since the shift to work-from-home, and hybrid operations back in March 2020, 69% of companies in South Africa, and 66% of companies in Kenya’s staff are still mostly working from home. Only 32% of Zimbabwean companies said the same, mostly due to the country’s more challenging environment.
Of the companies surveyed for the LIT report, 79% of South African companies, 78% of Kenyan companies, and 82% of Zimbabwean companies, indicated they had seen an increase in cybersecurity threats during this period. Most were attributed to remote working and the use of cloud-based apps, services, and storage.
Mimecast revealed that 61% of global companies – and 47% of South African ones – indicated they had been impacted by ransomware in 2020, a 20% increase over the number of companies reporting such disruption in 2019. Some 85% of South African respondents in their survey experienced business disruption, financial losses, or other setbacks last year due to a lack of cyber preparedness. For companies affected by ransomware, there was an average of seven working days lost due to system downtime, while 44% experienced a week or more downtime.
When discussing greatest vulnerabilities, 52% of South African respondents (compared to a global average of 43%) said that employee naiveté about cybersecurity is one of their greatest threats, yet nearly half (46%) conduct cybersecurity awareness training only once a quarter or less.
Of considerable concern was the fact that the global Rebellions & Rejections report revealed that over half (54%) of 18-24-year-olds were more worried about meeting deadlines, than exposing their organisation to a data breach; 39% were unsure what their security policies say, or are unaware if their company even has them – suggesting a growing level of apathy among younger workers.
This was coupled with the future workforce of 18-24-year-olds – digital natives — feel increasingly frustrated with security getting in the way of deadlines, leading many to circumvent controls, placing their businesses at risk.
IT departments have the unenviable task of dealing with cybersecurity threats while trying to make users aware that they exist, and teaching them what to expect, to be more alert, and how to avoid falling into calculated phishing, and social engineering attacks. Data breaches are being reported more regularly, and ransomware attacks are making headlines, and teams are working round the clock to keep businesses safe while facilitating mass digital transformation with reduced visibility.
The July 2021 ransom attack on Transnet’s Ports Terminals division is a prime example of the kinds of attacks that are being perpetrated at present. The attack resulted in the organisation declaring force majeure at South Africa’s major container terminals, including those at the ports of Durban, Ngqura, Gqeberha, and Cape Town.
The resultant slow-down caused by the revert to manual operations, created serious supply-chain disruptions, damaging equipment, and potentially caused cargo losses of fresh produce across the country. The true cost of the attack will only be revealed over time, particularly if importers and exporters choose alternative freight options in the future if the stability of the ports remains in question.
Finding the middle ground between productivity and security
Increasingly under-pressure, cybersecurity teams need to adapt to the hybrid workplace and seek out new levels of endpoint protection rooted in Zero Trust principles that are as unobtrusive as possible to avoid end-user circumvention. They need to make sure that the chosen technology is unobtrusive, secure-by-design, and user-intuitive, thereby making it as easy to work securely as it is to work insecurely.
The key is to optimise security while minimising user friction. Laptops, PCs and printers with security built-in rather than bolted on, can provide a more seamless and less restrictive end user experience. From here, organizations can layer security services on top, such as those that can contain, and isolate critical threats before they have a chance to do any damage.
Other tools can offer remote management for IT teams, and offer the ability to self-monitor and self-heal without user interaction.
By embedding non-intrusive security technology into the endpoint, and creating a more collaborative security culture within the organisation, through engagement and education, cybersecurity teams can reduce the burden of security and improve visibility into threats, and at the same time, provide users with a better security experience while also protecting the business.