Intelligent CISO Issue 40 - Page 37

Cybercriminals are investing more time in cyber kill chain phases , which poses major threats to business security . www . intelligentciso . com
FEATURE
Since the beginning of 2020 , there has been an acceleration in cybercrime as criminals have adapted their tactics in response to the pandemic . With more employees working from home , the traditional safeguards that businesses have relied on have fallen short , such as intrusion protection and detection systems , enterprise grade firewalls , data loss protection systems , vulnerability scanning and patch management and a secure network .
The criminal cyber kill chain contains seven main links : reconnaissance , weaponisation , delivery , exploitation , installation , command and control , and finally , actions on objectives . With employees working from home devoid of the same on-premise level of security they enjoyed in the office , they are more vulnerable to hackers . Because of the progress being made in vaccination , we are likely to see a long-term , hybrid mix of work from home and in-office . As such , it ’ s time for businesses to look towards solutions that can manage this shift .
The challenges of working from home
The pandemic changed the perspective on office work for many businesses and employees in the UK . It ’ s clear that a flexible approach to how we work is important , as 85 % of working adults want a ‘ hybrid ’ approach of working from home and in-office . Under this new paradigm , businesses must reconsider the security vulnerabilities this workforce model could face .
The blurring of lines between home and work is creating a myriad of cybersecurity challenges that organisations are struggling to combat .
When working from home , there is no central guarantee that the employee ’ s network is secure . There are none of the deployed , on-premise safeguards and IT teams are not in possession of the same amount of visibility .
Chris Vaughan , AVP – Technical Account Management , EMEA Tanium
new distributed workforce paradigm , cybercriminals are investing more time in cyber kill chain phases , which poses major threats to business security .
In many cases , attackers are capitalising on fear by using COVID-19 lures . For example , the sending of phishing emails linked to fake pandemic information , such as vaccination invitations . With too few organisations paying attention to this behavioural shift , cybercriminals can easily break through their defence systems – which are often both time and resource poor .
The working landscape has changed , perhaps forever , but combined with the
In addition to simple IT setup disconnects , there are the added distractions and pressures on employees when working in a home environment . These are causing behaviours to occur that wouldn ’ t typically happen in a more controlled office environment .
Corporate devices are being used for non-business purposes such as homeschooling and gaming . This is a result of businesses having less control of what is

Cybercriminals are investing more time in cyber kill chain phases , which poses major threats to business security . www . intelligentciso . com

37