Featured Product
This Week in Quality Digest Live
Management Features
Eric Whitley
Seven tips for efficient maintenance
Zhanna Lyubykh
Consequences and costs of abusive supervision
Dario Lirio
Modernization is critical to enhance patient experience and boost clinical trial productivity
Oliver Binz
Better internal information systems help managers tell consumer demand from inflationary pressure
Dale Crawford
Electrical contractors and other skilled trades are losing institutional knowledge

More Features

Management News
Attendees will learn how three top manufacturing companies use quality data to predict and prevent problems, improve efficiency, and reduce costs
More than 40% of directors surveyed cite the ability of companies to execute as one of the biggest threats to improving ESG performance
MIT Sloan study shows that target-independent compensation systems can be superior
Steps that will help you improve and enhance your employee recruitment, retention, and engagement
300 Talent acquisition leaders and HR executives from companies gather in Kansas City
FedEx demonstrates commitment to customer-focused continuous improvement
SONY-based 8MP color, UVC USB, high-speed camera provides high dynamic range and dual-stream support
Configuration lifecycle management provider saw 42% increase in annual recurring revenue
Designed to offer a comprehensive safety solution for fleet vehicles and workforce personnel

More News

Don Cox


Five Steps to WFH Cybersecurity

Businesses can’t afford to delay cybersecurity measures any longer

Published: Tuesday, May 18, 2021 - 12:03

Despite the high ratio of intelligent work-from-home (WFH) business professionals, the current cybersecurity landscape for that work model could best be described as disorganized and dysfunctional. Hackers have been busy exploiting these cyber risks, as evidenced from the reported 300-percent increase in cybercrimes in just the first quarter of 2020.

In the more than 791,790 cybercrimes reported throughout 2020, the total losses exceed $4.1 billion. For small or family-owned businesses, losses from a cyberattack could be unrecoverable and have ripple effects for years to come. The swift shift to remote work at the onset of the Covid-19 pandemic only exacerbated flawed and often stop-gap cybersecurity plans. Now, more than a year into virtual work for many Americans, it’s clear businesses can’t wait any longer to fully invest in cybersecurity for team members, programs, and education as WFH is here to stay.

In March 2020, Covid-19 caught nearly every company, large or small, off guard, as they sent their employees home with little notice and no real plans. With more than 50 percent of the workplace remote, this change without proper protections and guardrails is a recipe for disaster. In this shift, employees began using personal computers, home networks, and unprotected company-issued technology—all of which are massive cyber risks.

The quick and unexpected switch to a mostly remote workforce meant new software, hardware installations, and rollouts weren’t properly deployed or installed. Plus, IT departments scrambled to conduct and complete security audits and develop procedures.

As vaccinations become widely available and case numbers trend downward, leaders must make important decisions about remote work indefinitely. While deciding between hybrid work models or a phased reentry to the office, cybersecurity teams must lead the charge to keep company data safe during these changes.

At this point, companies have figured out a game plan for continuing to operate, but it’s worth considering if there are stronger, more efficient, and more sustainable ways to securely continue virtual work.

After 25 years in the industry and working in numerous companies, these are the five steps I strongly urge business leaders to take to boost cybersecurity as WFH continues.

Invest in web-based applications
Instead of wondering who might have access to company data, secure it exclusively through web-based applications. This setup allows companies to fully control access and provides another level of required verification to stop hackers from gleaning data. There are countless types of software, services, and applications that could apply to different businesses or industries, but every business should look carefully at their potential access points and investment in shoring up any vulnerabilities. This could save thousands of dollars in the long run.

Create clear, communicated policies
The initial frenzy of the pandemic has passed, and it’s time to look at WFH measures with intention and for sustainability. To secure company data, companies must create clear policies about software updates, information storage methods, password protections, and more, and communicate them to employees. Taking these policies one step further, they must enforce sanctions if the policies and procedures aren’t followed. This shows employees the seriousness of cybersecurity and provides a clear incentive to follow the policies moving forward.

Cybersecurity measures must come from the top down
Company leadership has to be fully invested and vocal about its support of cybersecurity measures. Employees will emulate what they see leadership doing and value what they value, so ensuring the CEO, board of directors, and managers have bought in to the measures is critical.

All team members are cybersecurity team members
Regardless of what department or job title someone has, all employees must see themselves as a valuable member of the cybersecurity team. A data breach affects the whole company’s ability to function and remain profitable, so all employees should be educated and trained on security measures within their own roles. IT departments can help with this by being visible within the company, present at work events, helpful in assisting with issues, and relating potential vulnerabilities to the employee or project at hand.

Institute advanced training for IT teams
IT teams must think beyond a standard checklist and look at the whole environment of their companies. By understanding the normal patterns of employee behavior, cadence of emails, and more, cybersecurity professionals can detect anomalies in the company’s network environment and quickly work to secure them. A personal tactic of mine in training IT teams is taking deep dives into notable hacks and cybercrimes. It’s been said, “There’s nothing new under the sun,” and cybercrimes are no different, so recognizing the patterns of vulnerabilities gives teams insight for where to strengthen protections and mitigate damage.

For companies planning to head back into an office environment, there are new challenges to consider as employee’s home networks and personal devices intermingle with company networks and devices. There are several potential solutions to this, including having employees wipe the memory from personal computers used during remote work; issuing new company-owned devices; or creating a drop-off system for devices to be prescanned by the IT department before employees return to the office. All these solutions offer advanced protection, but also come with tradeoffs for the amount of time, money, and effort required.

As industry has from the very beginning, cybersecurity will continue to evolve and protect the people and information that are most important. It is imperative for company leaders to take cybersecurity seriously in workforce logistics, and for cybersecurity professionals to hold a valuable seat at the table to guide us forward safely.


About The Author

Don Cox’s picture

Don Cox

With a Master of Business Administration, Masters of IT Management, Graduate Certificate in Chief Information Officer Competencies, CISM, Security+, PMP, ITIL, and other computer forensics and industry certifications, Don Cox is the Chief Technology Evangelist at CIBR Warriors. Cox serves as an Executive Member for CyberTheory.io and CyberEdBoard Community. As a leader, innovator, and motivator, Cox is known for his vast knowledge across many technology domains.