The current pandemic has resulted in millions of white-collar employees working from home, using their own laptops; cameras; mobile, data storage and technology devices; and internet service providers.
‘With many companies implementing national guidance and protecting their workforce during the COVID-19 outbreak, the increased use of Bring Your Own Device (BYOD) and connectivity through shared home environments is presenting additional risks to the cybersecurity of these organisations,’ states Dee Lotrian in a recent article from CSIRO’s Data 61.
In it, Lotrian seeks advice from Dr Surya Nepal, Group Leader and Senior Principal Research Scientist of the Distributed Systems Security group and cybersecurity expert, on what organisation leaders need to consider if a substantial number of their employees and colleagues are working from home.
Dr Nepal outlines three elements to cybersecurity that should be considered under the current circumstance: human error, “the weakest link”; technical aspects such as securing internet services; and establishing proper data and network security governance and policy – that is, ensuring all WFH employees know how to connecting securely to their networks, use teleconferencing and the like.
According to Dr Nepal, Data61’s Human Centric Security team is focused right now on “identifying cybersecurity governance needs and remedies, thus transforming cybersecurity governance”.
“The challenge the team is tackling is designing and developing a cybersecurity governance framework that is flexible enough to evolve with a changing threat landscape, replicateable amongst different organisation, but also tailored to each organisation’s needs, taking into account the unique set of attributes that make up each entity,” he says.
Everything in cybersecurity, he notes, revolves around three fundamental principles: user, usage and usability, which need to be looked at holistically, Dr Nepal contends. “Only once all three have been taken into account and implemented can we safeguard our home environments.
“Going through a global pandemic has the potential to fundamentally change the way we live and work; therefore it’s time to prepar[e] for future workplace needs.”
Source: Cybersecurity considerations amidst a global pandemic I CSIRO