data — Blog — Peter Cavicchia

The past year has brought cybersecurity front and center as work-from-home became the norm and the average person had to become better equipped at keeping sensitive data safe and secure. Despite these security friendly cultural and societal shifts, a new survey of tech professionals reveals we might not be quite up to par with best cybersecurity practices.

Tech news website TechRepublic reports that the survey from the Thales Group shows security teams across a wide international range of companies have generally been having difficulty adjusting to the new cybersecurity demands of the COVID-19 era. This means security teams have not been brought up to speed on ever-evolving cybersecurity protocols — from lack of modern infrastructure needed to defend their firms from hacks to improper training in current programs and software.

The extensive report found 20 percent of respondents said their security systems were ready for a sudden shift to the cloud as the pandemic altered overnight how companies handled their workflows. The survey also revealed 82 percent of respondents were concerned about security risks posed by the push for at-home work and 44 percent said they feared their firms’ systems were not equipped to keep data generated and transferred from home-based employees secure.

A need to embrace cloud computing

This doesn’t mean the majority of firms have security teams that are lacking in talent. It’s quite the opposite. Instead, the report reveals that these cybersecurity professionals just haven’t been given the appropriate tools fast enough to handle this changing world.

“Technologies such as encryption and multi-factor authentication (MFA) have not reached saturation levels such that the majority of applications and data are fully protected,” TechRepublic cites in a passage from the report.

One of the main cybersecurity realities that has emerged during COVID-19 is the need to embrace cloud computing. As we continue to normalize working from home — with many workplaces turning to hybrid home-and-office models — the cloud will only continue to be a necessity.

The Thales Group found that just 17 percent of respondents said more than 50 percent of sensitive data hosted on the cloud is encrypted at their firms. If you zero in further, 24 percent reported having full knowledge of where their data is even stored in the first place while 45 percent say their teams have clearly defined company-wide cloud protocols.

What this means is there is a lot of work left to do.

The Thales report lays it out clearly — everyone at a firm needs to be on the same page when it comes to cybersecurity: “Senior executives need to ensure that they obtain a more complete understanding of the levels of risk and attack activity that their front-line staff are experiencing. They can't make effective strategy and security investment decisions when perspectives across the organization aren't aligned."

The past 12 months reoriented daily life in myriad ways. This is represented most starkly in how we work. In 2020, 62 percent of Americans worked from home, with 49 percent doing so for the first time, reports business website B2C.

That high volume of employees in the United States taking their work laptops home and from brought with it a 300 percent increase in cybercriminal activity targeting remote workers. The frequency of these hacks increased during the first six weeks of American quarantine and shelter-in-place orders early last spring.

The business website reports that 20 percent of companies experienced data breaches linked to these home-based workers.

If you’re a business owner — or even just an employee who still sees your home as your “office” for the foreseeable future — it is understandable that numbers like this give you cause for concern. With cybercrime targeting work from home on the rise, one bright spot appears to be the reality that cybersecurity etiquette is also on the rise.

Best practices for keeping your personal and professional data secure are part of the normalized parlance of office conversation. Now, it is becoming second nature for American workers to be cognizant of the importance of keeping their information protected from hackers.

Two-factor authentication, secure passwords, and wariness over phishing and ransomware attacks are increasingly a normalized part of professional life. In short, protecting your data isn’t just reserved for the company’s IT team.

CFO reports that companies are relying on the cloud. One example is the fact that organizations are using cloud-located intranets that use direct, private connections and even virtual desktop interfaces.

Artificial Intelligence (AI) and machine learning are also playing a needed role in identifying threats.

CFO cites a recent Infosecurity Magazine piece that shows how machine learning is detecting phishing attacks, referencing a cloud-based algorithm that scans email header messages to pinpoint what is known as “ratware,” or software that generates automatic mass messages. Then, another algorithm looks for phishing vocabulary in the body of an email. Eventually, this algorithm continues to grow more sophisticated, better picking up on suspicious emails as it collects more information about what is and isn’t malicious information hitting your Inbox.

While the rise of cybercrime is worrying, there is reason to hope. The deployment of canny AI made specifically to fight back against hackers coupled with increased cybersecurity literacy among America’s workforce hints at a future primed for a world that will continue to rely on working from home — safely.