How a Massive Shift to Working From Home Leaves an Enterprise’s Cybersecurity Vulnerable

The Coronavirus has effectively pressed a giant pause button on the world and caused many workers to change their schedules in a major way by packing up and continuing their work from home.

Working from home may seem like a benefit of the virus at first, but many parents are struggling with childcare issues, other people have a problem with noisy roommates or an unsafe home environment, and though it isn’t on the forefront of most people’s minds right now, cybersecurity becomes a much bigger, more complex issue when workers are asked to do their jobs from home.

Many companies are scrambling to find a way to better protect their now-remote team of employees, and as they do so, hackers will take every advantage to find the weaknesses in these spread-out company networks.

Artificial Intelligence endpoint security platform, SentinelOne has provided data that shows from February 23 to March 16 there was an upward trend of attempted attacks with peaks at 145 threats per 1,000 endpoints, compared to 30 or 37 at the start of that period.

The new normal has cast a harsh light on inadequacies many companies have when facing connectivity safeguards required for businesses to function.

When the Work-from-Home orders came trickling in, many people looked to VPNs as the obvious weak-point, but as the virus has spread so too have the security weaknesses.

Companies which did not previously have employees working remotely found that their tools were not designed to work safely off-site with a distributed workforce, not to mention utilizing a VPN or over the internet.

Often companies depend on local network security controls and tools, which means they are not protected at all while having employees work remotely.

Company equipment left behind as workers shifted to home-desks has been left unmonitored and its vulnerability has only magnified as employees, outside the vision of security teams, connect their own, unsecure devices to company assets.

The surge in virtual conferencing, video chatting, and other collaborative platforms could expose more vulnerabilities for hackers to exploit as well, with the potential for impersonation and data breach being very high.

Phishing emails also need to be considered when clicking on or responding to anything in your inbox, particularly anything related to COVID-19 as phishers are having a field day feeding off of the news.

Right now is a very uncertain time, and hackers are feeding off of these fears in order to lure people into clicking their dangerous links or exposing vulnerable data. It is important for companies to be armed with tools capable of detecting a breach be it on-premise or on the cloud in real time.

Currently most cybersecurity companies offer Supervised Learning-based AI security models which rely on labeling to catch future breaches. However, it is very difficult to know exactly what a hack is going to look like in the future. With zero-day attacks, for example, it is impossible.

Unsupervised or Context-Aware AI does not need to know what an intruder will look like in order to catch it, which only makes sense as hackers are constantly changing and adapting to the trends of the times.