- Home >
- Services >
- Access to Knowledge >
- Trend Monitor >
- Domain of Application >
- Trend snippet: New remote work model heightens security risks organisations
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
New remote work model heightens security risks organisations
1. Social-engineered attacks exploiting fear, uncertainty, and doubt—The World Economic Forum recently reported that the “demand for information on the new virus, accompanied by fear, confusion and even the boredom of confinement, has multiplied opportunities for cybercriminals to deliver malware, ransomware and phishing scams.” Check Point research teams found a dramatic rise in cyberattacks in correlation with the spread of the virus, and an alarming amount of phishing attacks trying to exploit this fear. Covid-19 is not just a virus, it is a major, successful, attack theme.
2. The attack surface grew exponentially—With the rush to enable remote access to corporate assets, many companies allowed connectivity from unmanaged home PCs. Many of these computers lack patches, updated best-of breed anti-malware, or any kind of protection. The only “call for duty” these PCs have is the video game carrying that name. Given the restrictions imposed almost globally, many critical services were handled by individuals which were granted remote access to critical infrastructures’ management systems (e.g. water, trains, elevators and traffic lights). Additionally, personal mobile devices are now often allowed access to networks, and many apps are moved to cloud for scalability. However, many Infosec and DevOps teams rushing to thecloud didn’t scale their cloud security posture to the level of their traditional data centers. This
gap has created a dangerous opening for hacking and cybercrime. The concerns appear justified. In May, 2020, cyber security researchers saw nearly 200,000 coronavirus-related cyberattacks per week, a 30% increase over prior weeks.
3. Employees are now the “CISO” of their house—With the drastic shift to work from home, our living rooms are is now part of the company’s perimeter. Picture your 8-year old with access to your own network and files. In this situation, data is now more fluid. Every company must now rely more on each and every employee to guard the data. Maintaining your company’s previous security policies in this new age of the coronavirus is not viable against the increasingly more potent cyber attacks.