Keeping a handle on threats to your hybrid workforce

A finger pressing a padlock icon
(Image credit: Shutterstock)

Hybrid environments are a firm fixture of the modern workplace. But while this approach can bring benefits through increased morale, greater productivity, and lower costs, it is not without its challenges.

A dispersed and hybrid workforce creates a greater reliance on the cloud, a significantly larger attack surface and many more points of entry for tenacious cybercriminals.

About the author

Adenike Cosgrove is Cybersecurity Strategist for international markets at Proofpoint.

Staff working outside the norms of the office environment may also behave differently. And, backed by a host of powerful collaboration tools, it is easier than ever to share and expose sensitive information – both unintentionally and maliciously.

This now-familiar environment has seen the number of insider incidents increase by an incredible 44% in the past two years, with total annual costs running to $15.4 million, up from $11.45 million in 2020.

Hybrid working is going nowhere. To protect our data and organizations in the long term, security teams must take steps to monitor and mitigate risky insider behavior sooner rather than later. This starts by understanding the scale and nature of the risks we face.

Devastating data loss

Data loss has been a major cause of concern for organizations across industries for years. But as we increasingly share information via the cloud across physical locations, the risk of that information falling into the wrong hands is higher than ever.

In most cases, this exposure is unintentional. Almost three-quarters of insider threats are negligent, costing an average of $484,931 per incident. These events are often caused by poor cybersecurity hygiene and failure to patch or upgrade devices and systems.

Cybercriminals seize on these mistakes to gain access to networks and steal valuable data and credentials. Only recently, an error when trying to exempt a single user’s account at KPMG resulted in the loss of chat records of more than 145,000 Microsoft Teams users.

Of course, the actions of cybercriminals are often more nefarious. In June last year, video game publisher Electronic Arts (EA) was attacked by a group posing as tech support to infiltrate the company’s Slack channel. The attackers persuaded an IT administrator to hand over a multifactor authentication (MFA) key and subsequently downloaded more than 780 GB of source code.

Insiders can act deliberately too. Many organizations do not regularly monitor collaboration tools, leading some users to see these channels as safe places to share sensitive information with external third parties, with malicious intent.

With employees often granted greater network access to aid productivity in hybrid environments, malicious insiders are now far more difficult to detect than external hackers. That’s a large part of the reason why this type of event accounts for one in four incidents, costing an average of $648,062 on each occasion.

More hazards of a hybrid workplace

Data loss may be the primary concern, but it’s far from the only one. Despite the best efforts of HR teams, online platforms can be difficult to moderate. Add to this a more relaxed attitude when working in casual surroundings, and it’s not uncommon for unprofessional behavior to rear its head.

The plight of luggage startup, Away, shows what can happen when such environments go unchecked. The issue of bullying via Slack gained such momentum at the company that CEO Steph Korey was forced to step down.

This kind of toxic environment not only carries a human cost, but it can have significant implications for data security too. Disgruntled employees are much more likely to cut corners, take risks or intentionally expose company and customer data.

Finally, rapid and widescale adoption of hybrid workplaces is not the first time the blurring of lines between professional and private lives has caused problems. Social media has been giving security and management teams headaches for some time now, whether due to sharing malicious links like Equifax or falling victim to social engineering tactics like Google, Facebook, Twitter and countless others.

Once again, this highlights the need for users to be acutely aware that no matter how familiar they are with a platform, tool or working environment, they are still operating in a professional space. One that is governed by the same policies and security guidance as corporate systems within the traditional walls of the office.

Protecting your people, wherever they are

Insider threats and people risk occur for many reasons. Your staff may be unaware of the steps they need to take when working outside the office, or they may be simplifying tasks for ease. It could even be the case that disgruntled employees or leavers working out their notice are intentionally seeking to harm your bottom line.

Whatever the cause, it is up to employers to implement the remedy.

Every member of your team should understand all policies and regulatory requirements related to their work – wherever they carry it out. Most importantly, they must understand the potential consequences of failing to comply with these stipulations.

Regular monitoring of online spaces and collaboration tools is also a must. Time is a critical factor with insider threats. The annual cost of incidents contained within 30 days is $11.23 million, compared with $17.19 million for those that run over 90 days. So, the sooner you spot signs of high-risk behavior, whether malicious or negligent, the better.

As with any new development in the way we work, the risks associated with hybrid environments can be mitigated. But the time to act is now. The longer bad habits form, the harder they are to break.

At TechRadar Pro, we've featured the best business VPN.

Adenike Cosgrove

Adenike Cosgrove is the Cybersecurity Strategist for international markets at Proofpoint, where she drives product marketing strategy across European and Asia Pacific markets.