Remote workforces are nothing new. Since about a decade ago, more of us have been working from home and enjoying the reported benefits of a 13% increase in productivity and more comfort while saving costs. In 2018, Owl Labs estimated that there were 18% of full-time remote workers worldwide. Their 2019 report focuses on the US but displays similar figures. The industries with the highest percentage of remote staff are healthcare (15%), technology/IT(10%) and financial services (9%).
The virus that hacked the job market
The COVID-19 pandemic wreaked havoc around the world and accelerated the shift to digital work environments. This change was necessary to reduce contamination and made the number of remote workers skyrocket. Today, millions of people are working from home and there’s a high chance that things will remain so in the future. But remote work brings forward one major concern: cybersecurity.
The transition gave cybercriminals the opportunity they needed to exploit the security gaps in the digital office. Diligent workers are looking for ways to protect themselves and to comply with security policies. It’s easy to find instructions on what to do to keep your data safe, or what positive and negative impacts working from home had on the average worker. But what about the cybersecurity specialists, the ones who are working to keep us all safe?
The impact on cybersecurity pros
90% of cybersecurity pros are now working remotely, according to an (ISC)² survey. The number of remote jobs in cybersecurity and IT was already significant and, just like workers in other areas, cyber and information security specialists seem to be happy working outside the office. However, 81% were assigned new duties during the pandemic and 47% are responsible for assisting with other IT-related tasks.
The transition to a digital work-environment meant strengthening security measures in new or updated infrastructures and, as the attack surface became larger, securing additional software and hardware in use. The scarcity of cyber and information security specialists is a problem that exacerbates the issues these professionals face every day. And the pandemic only added to their duties. Instead of focusing exclusively on protecting their companies, co-workers and devices, they have to juggle between a wide range of tasks and find ways to balance the two sides of an emerging conflict.
Security vs Expedience
The transition to remote work was an urgent one. IT departments were demanded to set up everything necessary as fast as possible. The situation required drastic measures and reassigning cybersecurity workers to IT tasks was a way for companies to have their digital workspaces ready, allowing their workforce to continue their daily tasks. But neglecting security is a risky move that can come at a high cost. Depleting cybersecurity teams can prove fatal.
When asked if their companies viewed security as essential, 74% of reassigned cyber pros said yes. In companies without reassignments, the number is 87% [(ISC)²]. Not surprisingly, companies that repurposed cybersecurity employees saw a rise in cyberattacks, sometimes more than double the usual. As an employer, a well-thought-out cybersecurity strategy is mandatory to keep your business and workers safe.
The challenges are aplenty: securing VPNs, remote access, collaboration tools, personal devices now in use for work purposes, issuing computers to employees who need them and providing non-tech staff with sound knowledge about cyber hygiene practices. These are tough times for an already overworked force. On a positive note, it means that positions in cybersecurity are widely available and, according to research by ISACA, only 10% of professionals in the industry worry about losing their current job.
Facing the challenges and helping your cybersecurity team
There is no ‘how to get away without cybersecurity’ solution. The best way is prevention, but the rapid shift in work environments creates many difficulties. Business can’t stop, but security must be made a priority, accompanying the changes. So, what can you do to protect yourself and help your cybersecurity staff?
Interviewed by Forbes, Alex Willis, BlackBerry’s Vice President, stated that ‘Regardless of organizational size, cybersecurity planning and response readiness is critical and achievable’. Having comprehensive procedures is the best plan, and the ability to adapt quickly to new circumstances the best ally. In total, 49% of the security professionals who participated in the (ISC)² survey consider that companies lack resources to keep themselves secure in the near future. This situation happens because most organizations were not yet ready for the forced transition to a digital work environment.
In face of these issues, companies require creative and efficient solutions. Auxiliary security software, using AI or machine learning can be a helpful asset to complement human efforts. But there is a simple way in which we can all contribute: learning safety practices.
Cyber self-care for all
Having a dedicated routine that reinforces positive actions with beneficial effects on our self-esteem plays an important role in our lives. Cybersecurity can be integrated here, too. Think about it as your cyber self-care kit. Ideally, everyone in your company should have a basic one, and it includes:
- strong passwords
- two-factor authentication
- a work-only device that complies with your company’s security policies
- accurate and reliable sources to stay informed
- cooperation with co-workers
- transparency
By taking care of yourself and your data, you’re already helping to make remote work more secure for everyone. We’re experiencing something that will possibly become the ‘new normal’ and shape years to come. It is then a good idea to stay up to date and polish your digital skills.
