by Steven Jurczak | Jun 25, 2020 | SMBs
It didn’t take long for COVID-19 to completely alter the way
we work. Businesses that succeed in this rapidly changing environment will be
the ones that adapt with the same velocity. In our second installment from The Future
of Work
series, you’ll hear from Webroot Product Marketing Director George Anderson,
who shares his perspective on how businesses will need to adapt and evolve to
stay on course during and after the global coronavirus pandemic.
How has COVID-19 changed cybersecurity
and cyber resilience planning? What will be the most important steps to take
moving forward?
In some ways not at all. We were already existing in a
fairly perimeter-less network world. There was already a hybrid between on- and
off-network staff, and reviewing where data was being worked upon, accessed and
secured, and asking how data was being processed and secured during its journey.
Many businesses data was already split between user devices and the cloud.
Confidentiality, integrity and availability in the case of
cyber-attacks or other forms of potential data loss need to be clearly understood
as before, and any weaknesses addressed. The imperative is to have a safe data
cloud in place both in terms of security and recovery.
The steps to take include:
- Setting up regular and if practical continuous risk
assessment to get visibility of data risks
- Understanding where the greatest risks and weaknesses exist
in people, process and technology
- Investing and allocating appropriate budget to address where
the greatest data loss and compromises could and would now occur
What could the future look like after
the coronavirus? Specifically, what will change in IT and business?
Not everyone will want to choose to continue working from
home. While the savings in closing offices down are attractive to businesses,
they are not necessarily the same for an employee whose home environment is not
conducive to work. These employees may seek alternative employment to remove the
burden of working from home if an office option is not available. IT has
already, for the most part, moved to the cloud where it can, and remained
on-prem where it needs to be because of security, compliance and control. The
main IT imperatives will be factors like secure 5G and faster communications
for better collaboration.
In business, people buy from people. And face-to-face
interaction is the norm. While this will reduce in the near-term, in the long
run, peoples’ wellness depends on social interaction. Businesses that ignore
that will not thrive. However, businesses are generally going to be more open
to remote working roles and a lot better positioned to recruit staff for remote
work, without them necessarily being close to physical offices.
IT investments will shift in the coming
months, what will take precedence for companies as they go back to ‘business as
usual’?
The pandemic will make companies look, in broader terms, at
the all the risks to their business. And they’ll use IT where practical to put
protections and assistance in place. More holistic Disaster Recovery springs to
mind as benefiting from this pandemic, as does better backup of user desktops
that particularly among MSPs and SMBS has not been a priority in the past.
What advice do you have for SMBs who
will need time and a renewed economy to recover?
There will be many opportunities as the economy comes back
and many holes where competitors and others have failed. An approach that is
flexible and can react to those opportunities is essential. So, look to
business arrangements in IT, Finance, HR and other key areas that will let you
maximize your ability to take advantage of new opportunities. If you have not
looked to an MSP to help you in the past then now is the time to look at how
experts in remote management an remote working like an MSP can help?
For a step by step guide on how to improve business cyber
resilience click here.
by Kyle Fiehler | Jun 23, 2020 | Home + Mobile
Most major tech blogs have run some variation of the
following headline in recent months: Is it worth paying for an antivirus
solution anymore?
The insinuation, of course, is that built in antivirus
solutions for Mac and Windows machines have progressed to such a point that
it’s no longer worth reinforcing them with a paid solution.
While it’s sure to generate clicks, many of the answers from
tech writers are either convoluted or hedged
to the point of not really providing an answer. Let’s explore the question more
here.
The state of built-in security
Even our own experts will join third-party voices in
admitting that built-in solutions like Windows Defender Security Center
(previously Windows Defender) have improved significantly in terms of effective
malware protection.
“Windows Defender has come a long way since the days of
Windows XP and Windows 7,” says Webroot security analyst Tyler Moffitt. “It’s
better than we’ve ever seen. But it’s still not enough.”
PC Magazine lead analyst Neil Rubenking recently said
much the same, writing “Windows Defender’s own developers seem to
consider it a Plan B, rather than a main solution. If you install a third-party
antivirus, Windows Defender goes dormant, so as not to interfere.”
While many built-in antivirus solutions do reasonably well
at turning away well-known strains of malware, it’s the new, sophisticated
variations that tend to have success outsmarting them.
“Top-tier campaigns like Bitpaymer and Ryuk ransomware, or
Trickbot and dridex Trojans—these are all going to get past a lot of built-in
antivirus software.”
Evasive scripts are another source of trouble for much
built-in security software. This newly common type of attack relies on a user
clicking on a link in a “malspam” email, which then downloads a malicious
payload. Interfaces like Command Line and PowerShell are often used to launch
these attacks. If those terms are unfamiliar, it’s simply important to remember
that they are script-based and regularly evade built-in security.
“There is a growing trend that many people feel that they
don’t need any security software on their computers and that out-of-the-box
security is enough,” says Moffitt. “The reality is that it’s not enough and
built-in software has proven time and time again that it will be beaten by
malware.”
What you really need from your online security
First off, multi-layered security. Traditional malware isn’t
the only type of threat to watch out for nowadays. In addition to the
script-based attacks mentioned above, mal-vertising campaigns are frequently
launched from legitimate sites using
exploits in runtimes like Java, Silverlight and flash. Drive-by
downloads and pop-up ads can secretly install crypto miners and malicious
programs on a machine without a user knowing it, some miners don’t even need to
download, but your browser will be hijacked and max out CPU to mine cryptocurrency.
And phishing campaigns are becoming increasingly
favored by cybercriminals based on their cost-effectiveness.
“While free solutions offer better security than most
built-in solutions, you can’t beat premium solutions that utilize multiple
layers of security and are backed by cutting-edge technologies like
massive-scale machine learning and contextual analysis engines,” says Moffitt.
What else should you look for in an antivirus solution for
the home? Here are a couple features:
- Something lightweight—By that, we mean
something that doesn’t take up a lot of memory or resources on your machine.
Gamers should especially insist on this quality from an antivirus, but it
should appeal to a broader market as well. “This is especially useful if
you’re using your own devices to work from home during the pandemic and are
worried that security solutions would slow your machines down,” says
Moffitt.
- Customer service—Something you’re
unlikely to get from a built-in provider. It’s hard to underestimate the value
of a dedicated team standing by to help you troubleshoot if something goes
wrong. Especially if tech isn’t your sweet spot, you don’t want to commit to
long periods of waiting for a response from a global tech giant, or worse, no
support team at all.
- A VPN for privacy—This is especially
important if working from home is your new normal. “Not only are VPNs a great
way to add a layer of protection by filtering out malicious webpages like
phishing, but they are also a must if you are handling customer information for
work,” says Moffitt. Making sure that critical data is protected at rest and in
transit could help shield your company from major data security compliance
fines.
It’s no surprise that we advocate not relying on built-in
antivirus protection to safeguard your data and devices. But our concerns
aren’t unfounded. We’ve simply seen too many fails to protect at the level they
promise. Expect more from your online security solutions and strengthen your
digital fitness, today.
by Connor Madsen | Jun 19, 2020 | Industry Intel
Ransomware Knocks Out Knoxville, TN
Knoxville,
Tennessee officials have been working over the past week to secure systems
and determine if any sensitive information was stolen after a ransomware attack
was identified. Fortunately, city IT staff were able to quickly implement security
protocols and shut down critical systems before the infection could spread.
Within the day, many of the targeted city domains were redirected to new sites,
allowing city services to operate normally.
Magecart Attacks Multiple Online Retailers
Malicious Magecart
scripts have been identified in recent months on multiple domains belonging to
online retailers. Following the registration of a fake domain related to
Claire’s in March, several weeks of inactivity passed before code was again spotted
on Claire’s websites being used to intercept payment card transactions. It was
finally removed from the company’s domains in the second week of June, but not
before leaving thousands of customers potentially compromised.
Maze Ransomware Infiltrates US Chipmaker
The computer systems of MaxLinear,
a U.S. computer chip maker suffered a Maze ransomware attack that forced them
to take their remaining systems offline. Officials discovered that for more
than a month there was unauthorized access resulting in the leak of over 10GB
of stolen data from an alleged trove of over 1TB of total data. MaxLinear has
since refused to pay the ransom and been in contact with affected customers.
The manufacturer does not believe future operations will be delayed.
Over 100 NHS Email Accounts Compromised
Within the last two weeks a phishing campaign hit the National
Health Service (NHS), successfully accessing over 100 internal email
accounts. The affected accounts make up an extremely small portion of total NHS
email accounts, of which there are nearly 1.4 million in total. The hacked accounts
were used to distribute a malicious spam campaign designed to steal credentials
through a fake login page.
DraftKings Announces Ransomware Attack Amidst Merger
Following the multi-way merger that resulted in the
formation of DraftKings
Inc., DraftKings revealed that one of the subsidiaries, SBTech, suffered a
ransomware attack within weeks of the merger being finalized. While it is still
not known what variant of ransomware was used in the cyberattack, officials
have determined that no information was compromised. Rather, the attack was
focused on taking their online systems down. Though SBTech was required to
create a significant emergency fund preceding the merger, the deal seems to
have been unaffected by the attack.
by Kyle Fiehler | Jun 16, 2020 | Managed Service Providers
As these times stress the bottom lines of businesses and
SMBs alike, many are looking to cut costs wherever possible. The problem for
business owners and MSPs is that cybercriminals are not reducing their budgets
apace. On the contrary, the rise in COVID-related scams has
been noticeable.
It’s simply no time to cut corners in terms of
cybersecurity. But there is hope. Cybersecurity, traditionally suffering from a
lack of qualified and experienced professionals, can be a source of savings for
businesses. How? Through the automation and efficiency that artificial intelligence
(AI) and machine learning can offer.
AI & ML in Today’s Cybersecurity Landscape
By way of background, Webroot has been collecting IT
decision makers’ opinions on the utility of AI and machine learning for years
now. Results have been…interesting. We’ve seen a steady rise in adoption not
necessarily accompanied by an increase in understanding.
For instance, during a 2017 survey of IT decision makers in
the United States and Japan, we discovered that approximately 74 percent of
businesses were already using some form of AI or ML to protect their
organizations from cyber threats. In 2018, 74 percent planned even further
investments.
And by 2019, of 800 IT professional cybersecurity
decisionmakers across the globe, a whopping 96 percent reported using AI/ML
tools in their cybersecurity programs. But, astonishingly, nearly seven out of
ten (68%) of them agreed that, although their tools claim to use AI/ML, they
aren’t sure what that means.
Read the full report: “Do AI and Machine Learning Make a Difference in Cybersecurity?”
So, are these tools really essential to securing the cyber
resilience of small businesses? Or are they unnecessary luxuries in an age of
tightening budgets?
AI and ML in the Age of Covid-19
Do AI and ML have something unique to offer businesses—SMBs
and MSPs alike—in this age of global pandemic and remote workforces?
We asked the topically relevant question to it to one of the
most qualified individuals on the planet to answer it: literal rocket
scientist, BrightCloud founder, and architect behind the AI/ML engine known as
the Webroot Platform, Hal Lonas.
Can AI and machine learning tools help people do their
jobs more effectively now that they’re so often remote?
Put directly, the Carbonite and Webroot CTO and senior VP’s
response was bullish.
“AI and machine learning tools can absolutely help
people do their jobs more effectively now more than ever,” said Lonas.
“Security professionals are always in short supply, and now possibly
unavailable or distracted with other pressing concerns. Businesses are facing
unprecedented demands on their networks and people, so any automation is
welcome and beneficial.”
In machine
learning, a subset of AI, algorithms self-learn and improve their findings
and results without being explicitly programmed to do so. This means a business
deploying AI/ML is improving its threat-fighting capabilities without
allocating additional resources to the task– something that should excite
cash-strapped businesses navigating tough economic realities.
Our AI/ML report backs up Lonas’s assertion that these
technologies make a welcome addition to most business security stacks. In fact,
94 percent of respondents in our survey reported believing that AI/ML tools
make them feel more comfortable in their role.
“People who use good AI/ML tools should feel more
comfortable in their role and job,” he asserts. “Automation takes
care of the easy problems, giving them time to think strategically and look out
for problems that only humans can solve. In fact, well-implemented tools allow
security workers to train them to become smarter—in effect providing the ‘learning’
part of machine learning. Each new thing the machine learns makes more
capable.”
AI/ML adopters also reported:
- An increase in automated tasks (39%)
- An increase in effectiveness at their job/role
(38%)
- A decrease in human error (37%).
- Strongly agreeing that the use of AI/ML makes
them feel more confident in performing their roles as cybersecurity
professionals. (50%)
So despite some confusion about the role these technologies
play in cybersecurity (which
we think vendors could help demystify for their clients), their effects are
clearly felt. And because cybercriminals
are willing to adopt AI/ML for advanced attacks, they may force the hands
of SMBs and MSPs if they want to keep up in the cybersecurity arms race.
Given today’s limited budgets, dispersed workforces, and increasingly
sophisticated attacks, the time may never be better to empower professionals to
do more with less by automating defenses and freeing them to think about
big-picture cybersecurity.
by Connor Madsen | Jun 12, 2020 | Industry Intel
Nintendo Accounts Breached
Stemming from a cyber-attack back in April, Nintendo
has just announced that roughly 300,000 user accounts have been compromised,
though most belong to systems that are now inoperable. From the excessive
unauthorized purchases, the attackers likely used credential-stuffing methods
to access accounts and make digital purchases through PayPal accounts that were
already logged in. Nintendo has since contacted the affected customers and has
begun pushing out mandatory password resets.
Kingminer Botnet Locks Down Entry Points Behind Them
After nearly two years of operation, the owners of the Kingminer
crypto jacking botnet have taken up a new tactic of patching the very
vulnerabilities they used to illicitly access systems. This implementation is
likely being used to block any other malicious campaigns from accessing the
compromised systems and net them larger profits. By using the EternalBlue
exploit and patching it behind themselves, they can brute force their way into
any vulnerable system and then keeping their own crypto mining scripts active
for an increased amount of time before being discovered.
Honda Shuts Plants After Ransomware Attack
Several Honda
plants around the world have recently closed due to a ransomware attack that
has targeted several manufacturing systems. The shutdown came only hours after
a new Snake ransomware sample was uploaded to Virus Total and was seen
attempting to contact an internal site belonging to Honda. Currently, officials
for Honda are still working to determine exactly what parts of their systems
were affected and if any personally identifiable information was compromised.
Scammers Created Fake SpaceX YouTube Channels to Steal Cryptocurrency
Multiple malicious YouTube accounts have changed their names
to keywords relating to SpaceX
in order to scam viewers out of Bitcoin cryptocurrency donations. While it
should be obvious that these channels are not the legitimate SpaceX account
based solely on the number of subscribers, the fake channels have also been
livestreaming old recorded SpaceX interviews with Elon Musk, to improve their
legitimacy. Unfortunately, during the livestreams, the channels promote
cryptocurrency scams in the chat section to entice other viewers to send in a
small amount of cryptocurrency with the promise of a significant amount more
being sent back.
Florence, Alabama Pays Ransom Demand
In the last week, officials for Florence,
Alabama have been working to negotiate with the authors of the DoppelPaymer
ransomware attack that took down the city’s email systems. Though the initial
ransom amount was 38 Bitcoins, or the equivalent of $378,000, the security team
that was brought in was able to drop the demand to 30 Bitcoins, or $291,000,
which the city has decided to pay. It is still unclear exactly what information
may have been stolen or accessed, the Mayor of Florence concluded that it was
best to just pay the ransom and hope their information is returned and their
systems are decrypted.
by Kyle Fiehler | Jun 9, 2020 | Managed Service Providers
Nestled within our chapter on malware in the 2020 Webroot Threat Report is a comparison of infection rates between business and personal devices. The finding that personal devices are about twice as likely as business devices to become infected was always significant, if not surprising.
But the advent of the novel coronavirus—a development that followed the publication of the report—has greatly increased the importance of that stat.
According to a joint study
by MIT, Stanford, and the National Bureau of Economic Research (NBER), more
than a third (34%) of Americans transitioned to working from home as a result
of COVID-19. They join approximately 14.6% of workers already working from home
to bring the total to nearly half the entire American workforce.
During remote work many employees are forced or simply able
to use personal devices for business-related activities. This presents unique
security concerns according to Webroot threat analyst Tyler Moffitt.
“In a business setting,” he says, “when
you’re given a corporate laptop it comes pre-configured based on what the IT
resource considers best practices for cybersecurity. This often includes group
policies, mandatory update settings, data backup, endpoint security, a VPN, et
cetera.”
Individuals, on the other hand, have much more freedom when
it comes to device security. They can choose to put off updates to browser
applications like Java, Adobe, and Silverlight, which often patch exploits that
can push malvertising.
They can opt to not install an antivirus solution or use a free version. They
can ignore the importance of backing up data altogether.
These risky practices threaten small and medium-sized
businesses (SMBs) both immediately and when workers gradually return to their
shared office spaces as the virus abates.
As our report notes, “With a higher prevalence of
malware and generally fewer security defenses in place, it’s easier for malware
to slip into the corporate network via an employee’s personal device.”
What’s at stake, for SMBs, is the loss of mission-critical
business data due to device damage, data theft via phishing and ransomware, and
GDPR and CCPA fines for data breaches. Any of these threats on their own could
be existential for SMBs.
What can businesses do to prevent BYOD-enabled data loss?
“Super small
businesses may not have the luxury of outlawing all use of personal devices,”
says Moffitt. “BYOD is a fact of life now, especially with so many individuals at
home, using home computers.”
But employers aren’t
out of luck entirely. They can still purchase for their employees, and
encourage the use of, several essential security tools. These include:
- Endpoint security software – Employers should provide endpoint security for home devices when necessary. When it comes to free solutions, you get what you pay for in terms of protection. Currently, there’s the expectation, especially among younger people, that built-in antivirus solutions are enough for blocking advanced threats. In reality, layered security is essential.
- Backup and recovery software – Many SMBs rely on online shared drives for collaborating. This is dangerous because a single successful phishing attack can unlock all the data belonging to a company. GDPR and CCPA fines don’t differentiate between data stolen from personal or business devices, so this level of risk is untenable. Make sure data is backed up off-site and encrypted.
- A VPN – IT admins or contractors should ensure that any sensitive company data requires a secure VPN connection. Especially with employees connecting on public or unsecure networks, it’s important to guard against snooping for data in transit.
- Secure RDPs – Remote access can be a great option when working from home, but it must be done securely. Too often unsecured RDP ports are the source of attacks. But, when encrypted and protected by two-factor authentication, they can be used to access secure environments from afar. Many are even free for fewer than five computers.
- User education – Security awareness training is one of the most cost-effective ways of protecting employees from attack on their own devices. Phishing attacks can be simulated and users in need of additional training provided it at very little additional cost. When compared to a data breach, the cost of a few licenses for security training is miniscule.
Collaboration over coercion
It’s difficult to mandate
security solutions on personal devices, but managers need to at least have this
conversation. Short of installing “tattleware,” this has to be a collaborative rather than a coercive effort.
“You can’t enforce a
group policy on a computer or a network that you don’t own,” reminds Moffitt.
“Ideally, yes, give each employee a corporate laptop to work at home that’s
securely configured. But if that’s not possible, work with employees to ensure
the right steps are taken to secure corporate data.”
Companies should
work with IT consultants to source high-performing versions of the solutions
mentioned above and cover their cost if it’s understood that personal devices
should be used during this period of working from home. If taken advantage of,
it can be an opportunity to foster a culture of cyber resilience and your organization will come out
stronger, wherever your employees are located.
by Connor Madsen | Jun 5, 2020 | Industry Intel
TrickBot Silently Targets Servers
Knowing that many domain controller servers are rarely
shutdown or rebooted, the authors of TrickBot
have made some changes to allow the infection to run from memory. While this
can be detrimental to the payload, as a reboot could easily remove it, the
stealth approach could let the infection cause major havoc on systems that
aren’t routinely restarted. Though TrickBot is normally dropped as a secondary
infection from Emotet, it’s taken this new stealth approach to move across
networks more easily.
Stenography Makes Leaps into Industrial Cyberattacks
Researchers have been following a new trend of incorporating
multiple levels of steganography
into cyber attacks focused mainly on large industries. The attacks are specified
for each victim, including a language localization script that only executes if
the local OS is in the right language and using macros to launch hidden malicious
PowerShell scripts that require no additional input. The scripts, when
executed, communicate with imgur.com or other image hosting sites to grab
pictures with malicious code hidden in the pixels that eventually drops an
encrypting payload.
Flaw in Apple Sign-in Nets Bounty Hunter $100,000
An authentication flaw has been discovered within the Apple sign-in feature for third-party sites that could
allow an attacker to forge fake accounts if the victim hadn’t chosen their own
email address to be identified. If a victim chooses not to do so, Apple creates
a unique email ID that is used to create a JSON web token (JWT) to sign in the
user. This could easily be forged alongside the email ID to gain unlimited
access to any account. The researcher who found the bug and reported it to the
Apple Security Bounty Program was rewarded with $100,000.
Ransomware Authors Begin Data Auction
The authors behind several prominent ransomware campaigns,
including Sodinokibi and REvil, have begun an auction
for stolen data on their dark web site. Currently, there are two auctions
active on the site, one with data belonging to an unnamed food distributor and
the other with accounting and financial information for an unnamed crop
production company from Canada. The auctions have starting prices of $55,000, along
with fees to be paid in Monero cryptocurrency because of its anonymity and ease
of direct payment from victims.
San Francisco Employee Retirement Database Compromised
A vendor conducting a test on a database belonging to the
San Francisco Employee Retirement Systems (SFERS)
recently noticed some unauthorized access to the database containing records on
74,000 members. Though the database didn’t contain Social Security Numbers, it did
contain a trove of personally identifiable information including names,
addresses, and birthdates. Fortunately, the database was using old data for the
test and had nothing newer than 2018. Nevertheless, SFERS officials are offering
credit and identity monitoring services for affected victims.
by Connor Madsen | Jun 3, 2020 | Industry Intel
Bank of America Breach Reveals PPP Information
After processing over 300,000 Paycheck Protection Program
applications, Bank
of America has revealed that a data breach occurred within the U.S. Small
Business Administration’s program that allowed all other SBA-authorized lenders
to view highly sensitive data. The data includes tax information and social
security numbers relating to both businesses and their owners and could have
extremely devastating effects in the wrong hands. Fortunately, the SBA secured
the compromised data within a day of being notified and Bank of America has
reached out to affected customers offering of two years of identity theft
protection. null
Bank of Costa Rica Suffers Data Breach
Threat actors working for the Maze group recently claimed to
have belonging to millions of Bank
of Costa Rica customer accounts, a claim that was quickly refuted by the
bank itself. Within a week, Maze began publishing proof of their bounty and
promised to continue posting records if the bank fails to improve their current
security. Maze also claimed to have accessed the bank’s systems on multiple
occasions to determine if security had improved but chose not to encrypt their
systems as the second breach occurred during the COVID-19 pandemic.
Old LiveJournal Breach Data Re-emerges
Researchers have been looking into a recent data dump that
appears to have originated from the 2014 LiveJournal
breach and contains over 33 million records up to 2017. It is hard to precisely
date the breach, as LiveJournal is a Russian-owned journaling service and never
reported it, though many LiveJournal users were targeted in a past spam
extortion email campaign. More recently, users of Dreamwidth, which shares the
LiveJournal codebase, has seen reports of compromised accounts.
Turla Hackers Grabbing Antivirus Logs to Check for Detection
One of the largest state-sponsored hacker groups, Turla,
has turned their attention to accessing antivirus logs on infected systems to
determine if their malicious activity has been discovered. With the use of
ComRAT V1 (and later versions), Turla has been gaining highly sensitive
information from major national organizations for over a decade and continues
to improve on their methods. By viewing the logs created by local antivirus
software, the attackers can adjust more quickly to avoid future detections.
New COVID-19 Tracker Drops [F]Unicorn Ransomware
The latest to capitalize on the public’s pandemic fears, a
new fake COVID-19 tracing app has been targeting systems in Italy by dropping a
new ransomware variant dubbed [F]Unicorn.
The malicious payload comes disguised as a file from the Italian Pharmacist
Federation. It then directs the victim to a beta version of the
yet-to-be-released Immuni tracing app, showing a fake tracing dashboard as the
encryption process begins. The ransomware demands a 300-Euro payment but displays
an invalid email address, so users would be unable to prove payment to the
attackers even if they choose to pay.
by Kyle Fiehler | Jun 2, 2020 | SMBs
Working from home is no longer something some of us can get
away with some of the time. It’s become essential for our health and safety. So,
what does the future of work look like in a post-COVID
world?
We asked some of our cybersecurity and tech experts for their
insights, which we’ll be presenting in a series entitled The Future of Work. In
this installment, we’ll cover the qualities that will separate companies able
to make smooth transitions to new ways of working from those that can’t. Plus,
we’ll examine the effects the pandemic and our response to it have on workplace
culture.
What are hallmarks of organizations that will successfully navigate our new workplace realities?
The COVID-19 crisis has forced employers to more fully
consider the broader humanity of their employees. With parents becoming
teachers and caretakers for ill, often elderly loved ones, greater levels of
empathy are required of management. Now, with a lagging world economy and even
experts unsure of what
shape the current recession will take, financial stress will likely be
added to the long list of anxieties facing the modern workforce.
As remote work continues to be a norm in industries like
tech, boundaries between home and work life will continue to be murky. This,
says Webroot product marketing manager George Anderson, presents opportunities
for effective leaders to stand out from their peers.
“Leadership matters now more than ever,” says
Anderson, “and being truthful matters even more. Your staff is worried,
and platitudes won’t help. They need real communication based on real facts
explaining why a company is making certain decisions. Being empathetic, sharing
in employee concerns, involving and demonstrating how you value your staff—whether
at executive or managerial level—will impact loyalty, dedication, and future
business performance.”
Forbes
notes that a more empathetic work culture is a silver lining arising from the
pandemic that won’t be easily undone. We now know not just our coworkers’
personalities, but also their home office setups, their pets, children, and
even their bookshelves. That fuller understanding of the person behind the
position will hopefully lead to an enduring human-centric shift in the
workplace.
Long-term, how will office culture change? What policies should change once everyone is physically back at work?
Relatedly, office cultures are likely to change in
irreversible ways. Even as we return to physical offices, large events like
company all-hands meetings may be attended virtually from personal workspaces,
and large team lunches may become rarities. Companies may even choose to
alternate days in and out of the office to keep the overall office population
lower.
“People will become more comfortable with video
calling, screen sharing, and online collaboration,” predicts Anderson,
“even between colleagues present in the same office. Boundaries will
become blurred and we will find new ways to stay in touch and maintain our
human connections by leveraging advanced collaboration solutions in new but
secure ways.”
Personal hygiene will also undoubtedly become a bigger aspect of physical office culture. In its guidelines for safely returning to work, the CDC recommends installing a workplace coordinator charged with implementing hygiene best practices office wide. Suggested measures include increasing the number of hand sanitizing stations available to workers, relaxing sick leave policies to discourage ill workers from coming to the office, modernizing ventilation systems, and even daily temperature checks upon entering the building.
“Some of these hygiene measures will be single events, not
the future of office work,” notes Anderson. “Others will have more long-term
impacts on the way we work together.”
Given the visible impact some measures will have around the
office, it will be impossible for them to not affect culture. Because routines
like temperature checks may be considered intrusive, it’s important the
reasoning behind them be communicated clearly and often. Stressing a culture of
cleanliness as a means of keeping all workers healthy and safe can enforce a
common bond.
Cybersecurity remains imperative
Cyber resilience isn’t the only aspect of overall business
resilience being tested by COVID-19, but it’s a significant one. The cyber
threats facing today’s remote workforces differ in key ways from those faced in
the past, so its important companies reevaluate their cyber defense strategies.
To do our part to help, we’re extending free
trials on select business products to 60 days for a limited time. Visit our free
trials page or contact
us for more information.
by Tyler Moffitt | May 26, 2020 | Business + Partners, Managed Service Providers, SMBs
Our 2020 Threat Report
shows increasing risks for businesses and consumers still running Windows 7, which
ceased
updates, support and patches earlier this year. This creates security gaps
that hackers are all too eager to exploit. In fact, according to the report, malware
targeting Windows 7 increased by 125%. And 10% of consumers and 25% of business
PCs are still using it.
Webroot Security Analyst Tyler
Moffitt points out that a violation due to a data breach could cost a business $50
per customer per record. “For one Excel spreadsheet with 100 lines of records,
that would be $50,000.” Compare that with the cost of a new workstation that
comes pre-installed with Windows 10 at around $500, and you quickly realize the
cost savings that comes with offloading your historic OS.
Windows 10 also has the added
advantage of running automatic updates, which reduces the likelihood of
neglecting software patches and security updates. Continuing to run Windows 7
effectively more than doubles the risk of getting malware because hackers scan
for old environments to find vulnerable targets. Making matters worse, malware
will often move laterally like a worm until it finds a Windows 7 machine to
easily infect. And in a time when scams
are on the rise, this simple OS switch will ensure you’re not the weakest
link.
While businesses are most vulnerable
to Windows 7 exploits, consumers can hardly breathe easy. Of all the infections
tracked in the 2020 Threat Report, the majority (62%) were on consumer devices.
This does, however, create an additional risk for businesses that allow workers
to connect personal devices to the corporate network. While employees work from
home in greater numbers due to COVID-19, this particular security risk will remain
even higher than pre-pandemic levels.
Layers are key
As Moffitt points out, no solution
is 100% safe, so layering
solutions helps to ensure your cyber resilience is strong. But there is one
precaution that is particularly helpful in closing security gaps. And that’s
security awareness training. “Ninety-five percent of all infections are the
result of user error,” Moffitt says. “That means users clicking on something
they shouldn’t thus infecting their computer or worse, a entire network.”
Consistent training – 11 or more courses or phishing simulations over a four-
to six-month period – can significantly reduce the rate at which users click on
phishing simulations.
Also, by running simulations, “you
get to find out how good your employees are at spotting scams,” Moffitt says.
“If you keep doing them, users will get better and they will increase their
efficacy as time goes on.”
The best way to close any gaps in
protection you may have is to deploy a multi-layered cyber
resilience strategy, also known as defense-in-depth. The first layer is
perimeter security that leverages cloud-based threat intelligence to identify advanced,
polymorphic attacks. But since cyber resilience is also about getting systems
restored after an attack, it’s also important to have backups that enable you
to roll back the clock on a malware infection.
With so many people working from
home amid the global coronavirus pandemic, it’s increasingly critical to ensure
cyber resilient home environments in addition to business systems. Find out
what major threats should be on your radar by reading our complete 2020 Threat Report.
