3 Major Security Risks Of A Hybrid Working Model

Cyber-attacks are rising as more businesses adopt hybrid working. Discover the risks to keep your business safe from security threats in this blog.

3 Major Security Risks Of A Hybrid Working Model

What Australin Cyber Security Centre observed in 2022 finacial year

In Australia, we saw an increase in the number and sophistication of cyber threats, making crimes like extortion, espionage, and fraud easier to replicate at a greater scale. The ACSC received over 76,000 cybercrime reports, an increase of nearly 13 percent from the previous financial year. This equates to one report every 7 minutes, compared to every 8 minutes last financial year.

$98 million

An increase in financial losses due to BEC

14%

A rise in the average cost per cybercrime report to all Australian businesses

150,000 to 200,000

Australian homes and small businesses are vulnerable to compromise including by state actors.

Breakdown of successful BEC reports by jurisdiction for financial year 2021–22
Breakdown of successful BEC reports by jurisdiction for financial year 2021–22

Keeping a business running during the global pandemic resulted in many companies adopting a remote-work system. Now that the world is approaching a post-pandemic era, the question is whether to switch back to on-site work or carry on with remote work.

Many companies’ current working landscape is a hybrid working model—with team members working either in-office or remotely. Studies conducted in early 2022 show that 78% of people working remotely would choose to continue doing so. Further, 61% of remote team members do it by choice.

While this hybrid workforce may be beneficial, it poses some challenges regarding cyber security. Here are three of the most significant cyber risks to prepare for when your team is distributed between the office and their home:

The risk of home networks

It’s given that someone working from home will require an internet connection to perform their duties. The most likely scenario is that these individuals will be operating across their at-home internet connection. While home networks are mostly secure enough for personal use, they may pose certain security risks when the business comes into play.

Home networks can be targeted and hacked. In the eyes of malicious hackers trying to access company data, it’s much easier to target a remote worker’s home network than a monitored, protected business network.

One of the biggest risks of home networks is that most routers are made with preset administrator login credentials, which are usually publicly available. It becomes a simple backdoor for hackers to enter through if left unchanged. Home networks and personal devices may also lack secure firewalls, posing an additional security risk.

Companies can mitigate this risk by ensuring team members take specific security protocols on their home networks and devices. For example, the company may provide firewalls, antivirus and network security services to remote workers. Alternatively, providing remote team members with a company network and device may be beneficial, only to be used for work purposes. This network and device can then be set up with a company-wide cyber risk plan.

Unsecured public networks

It’s no secret that public networks are some of the most unsecured internet connections available, even for personal usage. When it comes to business, public networks should ideally be avoided altogether. However, with a hybrid workforce, it’s nearly impossible to control where your remote team members work and which networks they’ll have access to.

Public networks are like a hacker’s playground. They can be infected with malicious software, which may allow hackers to ‘snoop’ on someone’s network activity, steal data and collect login credentials.

Such networks may also lack secure encryption, allowing a potential leak of sensitive data. Moreover, malicious users can install their access point to a public network, acting as a ‘middle-man’ as individuals unknowingly transfer data through this unsecured and dangerous access point.

From a business standpoint, managing the cyber risks of public networks should include educating all team members about cyber safety and threats associated with public networks. If at all possible, the business can prohibit the use of public networks when working out of the office. Using a virtual private network (VPN) may also improve security and anonymity on, but not limited to, public networks.

Data security with KMT

Protect critical data and make your business cyber secure with Kaine Mathrick Tech

Vulnerability to cyber phishing emails

Phishing emails are fraudulent cyber-attacks intended to trick individuals into revealing user data like login credentials or personal information. These attacks typically take the form of an email meant to incite a user to enter such data into a fake, disguised login portal which then sends this data to hackers.

What’s more, the number of phishing attacks increased during the height of the pandemic as businesses started remote working—they currently are responsible for nearly 70% of company security and data breaches. These attacks can pose a significant risk for companies using remote or hybrid working, as it can be difficult keeping track of all the distributed devices accessing company data and accounts.

Phishers know that individuals may not recognize when an email is fraudulent, and that remote workers often don’t have a nearby coworker to consult on a suspicious email. Common phishing attacks include emails urging immediate password updates, policy updates, pandemic-related emails and payment information queries.

Handling the cyber security threats of phishing can be achieved by ensuring that all employees are informed of these risks and aware of phishing emails. Forming a communication structure between company-related emails and staff is a possible prevention method. This way, team members can immediately identify phishing attempts falling outside official company communication guidelines.

Summing up

Nowadays, enterprise security can’t be taken for granted. Cyber-attacks are everywhere, and cybercriminals are constantly developing new schemes to break company security. The hybrid working model may expose large and small businesses to various security risks like sensitive data leakage, password theft, and personal data theft. These can occur through unsecured networks like home and public Wi-Fi and phishing attacks.

Fortunately, your business can achieve a safe hybrid working model. Encouraging cyber security awareness, maintaining safety standards and forming a small business cyber security plan can help keep your business and team members safe as they perform their duties online.

Get to know more about Cyber-First IT Support for your business

with Kaine Mathrick Tech

Reference

  1. CISA. “Home Network Security | CISA”. Cisa.Gov, 2022. https://www.cisa.gov/uscert/ncas/tips/ST15-002.
  2. Liu, Jennifer. “61% Of People Working From Home Are Doing So Because They Want To, Even Though Their Office Is Open”. CBNC, 2022. https://www.cnbc.com/2022/02/18/people-are-working-from-home-out-of-preference-not-just-necessity.html.
  3. Microsoft. “Microsoft Digital Defense Report – Microsoft Security”. Microsoft.Com, 2022. https://www.microsoft.com/en-us/security/business/microsoft-digital-defense-report/.
  4. Williams, Shannon. “Phishing Email Attacks Targeting Remote Workers On The Rise”. Securitybrief Asia, 2022. https://securitybrief.asia/story/phishing-email-attacks-targeting-remote-workers-on-the-rise.
Summary
Article Name
3 Major Security Risks Of A Hybrid Working Model
Description
Cyber-attacks are rising as more businesses adopt hybrid working. Discover the risks to keep your business safe from security threats in this blog.
Author
Publisher Name
Kaine Mathrick Tech
Publisher Logo

Related Stories

Transitioning from Legacy Systems to Modern Digital Solutions in Healthcare

Transitioning from Legacy Systems to Modern Digital Solutions in Healthcare

Embracing Cloud Technology: A Leap Forward for Healthcare Efficiency

The Strategic Advantage of vCIO Services for Medium-Sized Australian Enterprises

The Strategic Advantage of vCIO Services for Medium-Sized Australian Enterprises

vCIO services offer strategic IT leadership for businesses, ensuring cost-effective tech solutions, risk management, and scalable growth.

KMT Download April

The KMT Download I April Edition I Empowering Innovation: Generative AI, Legal Governance, and Social Impact

Discover KMT’s April insights on leveraging Generative AI for innovation, enhancing business strategy with vCIO services, navigating governance in the legal sector, and making a social impact. Join us in embracing technology and purpose.

Want to be part of the crowd?

Summary
Article Name
3 Major Security Risks Of A Hybrid Working Model
Description
Cyber-attacks are rising as more businesses adopt hybrid working. Discover the risks to keep your business safe from security threats in this blog.
Author
Publisher Name
Kaine Mathrick Tech
Publisher Logo