KUALA LUMPUR: Since the Covid-19 pandemic started in 2020, cyber criminals have sought to take advantage as businesses moved to rapid digitisation with an overnight shift to remote working.
A Future of Secure Remote Work study by Cisco Systems reported that 62% of organisations in Malaysia had experienced over 25% in cyber threats or alerts since the pandemic started.
Raz Mohamad, Cisco’s Systems sales director (small business, commercial and distribution, South-East Asia) pointed out that the more sophisticated way cyberattacks are evolving is a bigger concern.
Last year saw a big evolution in ransomware, where cyber criminals are now leveraging systems as an initial entry point into the network and subsequently moving laterally for access to additional systems and escalating privileges.
“This approach has become known as ‘big-game hunting’, characterised by adversaries actively targeting backup systems, domain controllers, and other business-critical servers during post-compromise phase of their attacks, leaving more damaging impact on businesses, ” said Raz, who has been with Cisco for 12 years, in various roles in Singapore and London.
On a more encouraging note, according to the Cisco report, cybersecurity is now a top priority among organisations in Malaysia with 81% of respondents who recognised its importance now compared with pre-Covid-19, and 56% are expecting to increase their spending.
Raz also noted that hybrid working (some employees are onsite while others work from home) is likely to remain.
In the same study, 35% of respondents said they expect more than half of their workforce to continue working remotely post Covid-19, compared with only 20% before the pandemic.
“We expect more companies to experience and appreciate that their employees can stay connected and productive while working remotely. It also offers employer and employee’s greater choice and flexibility from business and human capital perspectives, while bringing more diversity into the workforce, ” he said.
The successful implementation of a flexible hybrid workforce requires organisations to complement their cybersecurity investments with strong policies, enforcement protocols and a comprehensive education programme.
Raz stressed that this is especially critical because many employees have and are still adjusting to the changing work habits in real time, while malicious attackers continue to capitalise on the unsuspecting.
The study also identified that secure access (74%) was the top cybersecurity challenge when working remotely, followed by data privacy (65%), and managing control and enforcement policies (60%).
Raz pointed out that despite the advantages of a hybrid workforce, there are complexities that strain both the security and information technology (IT) teams, increasing the organisation’s vulnerabilities with growing threats and varying unsecured remote connections to manage, especially for small and medium businesses.
“At Cisco, we view this as a unique opportunity to transform the approach to security to better meet the needs of our customers and end-users. With our years of proven expertise and leadership in networking and security, we are in the position to help businesses of any size create a flexible, safe, and secure hybrid work environment, ” he said.
Combined with an unrivalled threat intelligence and an industry-leading zero trust approach, Cisco effectively delivers complete protection from endpoint to cloud, while significantly reducing time to detect and remediate security threats.
“The changes and challenges are here to stay, but we are focused on enabling highly-secure access and the best collaboration experiences whenever employees are, so that our customers can keep up with their business priorities, ” he added.
Meanwhile, endpoints (like desktops and laptops) are a top target of attacks, with 70% of breaches originating from endpoints.
Raz noted that organisations in Malaysia are making conscious efforts to improve their cybersecurity policy and support remote workers by increasing endpoint protection, web and virtual private network (VPN) control.
Cisco’s Endpoint Security solution can defend remote workforces by blocking attacks at the endpoint before compromise, and enabling rapid and complete threat response.
A key feature is the industry-first solution with a built-in platform, called SecureX, that delivers stronger protection with simplified orchestration and automation. It reduces the time to respond and remediate an attack by as much as 85%.This solution delivers next-generation antivirus (AV), advanced endpoint detection and response (EDR), simplified and managed threat hunting, IT/posture hygiene, and cross-control detection and response (XDR) as a more coordinated defence.
“Our Cisco Endpoint Security solution is an integral part of Cisco’s Secure Remote Worker solution, helping to accelerate business success by empowering employees everywhere with secure access to the applications and critical resources needed, whether in the public cloud or on-premises, ” said Raz. He also pointed out that IT Teams must have the foresight and see when an attack is coming, instead of waiting to respond.
“If you do not have the foundational cybersecurity technologies, protocols and policies in place, organisations can start by making incremental investments in cloud security solutions and zero-trust frameworks to securely support a hybrid future of work, ” he said.
Organisations must also improve employee awareness on adopting security-centric practices; identifying phishing attacks, practicing good password policy, and keeping software updated.
“Compliance-based training cannot be just once-a-year. But rather, it must be part of the culture because at the root of it, people are your strongest link in any defence, ” Raz added.
Join the free live webinar Cybercrime Protection: Why Now More Than Ever on April 27. Raz will discuss how Cisco can effectively assist small businesses to defend themselves against cyberattacks. The free live webinar is organised by Star Media Group Bhd in partnership with Cisco.
Visit bit.ly/starcisco1 to register.