Q + A + Q + A + Q + A + Q + A + Q + A + Q + A + Q + A +
GEOFF SCHOMBURGK, VICE
PRESIDENT OF AUSTRALIA &
NEW ZEALAND AT YUBICO
The move to remote working has
caused unwanted security
concerns for most Asia Pacific
organisations, so it is important to know
how to mitigate the risks.
Remote work typically results in personal
devices being used for work-related activities
or vice versa, where both are being run on
substantially less secure networks.
The pandemic has not resulted in any
observable changes to the kind of threat
tactics, techniques, or procedures. But the
level of risk to which organisations are now
exposed has increased. The widespread
scramble to accommodate remote work
has increased the attack surface to
unprecedented proportions, heightening
the likelihood of a large-scale cyber incident.
The adversary capitalises on the effects of
COVID-19 by targeting those affected with
malware, ransomware, or phishing attacks.
Now that many organisations are operating
away from their office environment, they
must revisit their current security foundation
to ensure it can withstand and combat
targeted attacks. Due to the increasing use
of mobile devices, it is important to build
a security infrastructure that can support
a modern workforce, while also having the
flexibility to accommodate future systems.
Most APAC companies are now thinking about
how this ‘new’ way of working will change
their business for good and accelerate their
path to Digital Transformation. One thing
is certain, as more core business functions
and applications are digitised and moved
to the cloud, a strong, yet flexible, security
foundation is critical to reducing risk exposure.
To help organisations combat the very real
cyberthreats, the Australian government’s
lead cybersecurity agency has introduced
what it calls the ‘Essential Eight’. This is a
set of eight mitigation strategies to help
organisations understand how they can
better protect themselves from increasingly
sophisticated and frequent cyberthreats.
Other governments across APAC are
introducing similar guidelines and legislation.
One of the eight recommended mitigation
strategies is Multi-Factor Authentication
(MFA), which is one of the most effective
controls to prevent an adversary from
gaining access to a device or network and
stealing sensitive information. In fact, MFA
is proven to limit the extent of cybersecurity
incidents, such as phishing, man-in-themiddle
attacks and malware.
All organisations across APAC that do not
strengthen their cybersecurity maturity level
by introducing mitigation strategies may
discover themselves unprepared to effectively
protect, detect and respond to threats
specifically targeting their organisation.