Could Remote Working Increase the Insider Threat to our Essential Services?

Could Remote Working Increase the Insider Threat to our Essential Services?

 

Blog by Chris Flynn, Arcanum Cyber Security Consultant.

Recent developments including the current pandemic, technological innovation and climate change have driven a huge rise in the number of remote workers. Our essential services have adapted to this increase by deploying more remote technologies. It is likely that this will continue to be the case. But, how do we ensure that our Critical National Infrastructure (CNI) remains safe from an insider threat in this new environment?

The risk from the insider has been long accepted and one that plagues security professionals – it is a risk that must be addressed [1]. An insider may be malicious or unintentional – regardless of type, we must take steps to protect ourselves.

Insider attack concerns for the security professional:

  • Confidentiality:
    • Data Exfiltration – unauthorised transportation of data [2]
  • Access:
    • Insider giving away access to credentials
    • Unauthorised users misusing these credentials [3 & 4]
  • Education:
    • Ensure personnel understand the risks they create [5]

With a notable increase in remote working, the operators delivering our essential services are likely to be at a higher risk from insiders than ever before [6].

When considering CNI, the insider threat should be front-and-centre in risk management, if not then the organisation may be overlooking a big security risk. Security professionals know very well that humans often play into the hands of the attacker – businesses would be foolish not to address this.

Remote working procedures might just be the perfect conditions for insider attacks to flourish. With less opportunity for employee over-sight, different social pressures and, less control over data, organisations are at higher risk of an insider attack.

Organisational risk attitudes must flex with the rapidly changing environment [7]. Internal personnel will always pose a threat to security, so consider the following when remote working:

Technology:

  • Can you exercise control over use of public Wi-Fi hotspots?
  • Can you be certain that people logging into your VPN are actually your employees?
  • Are your email filters set up to reduce risk posed by Phishing attacks?
  • Has your cloud storage been securely configured?

Culture:

  • Are employees more open to influence from malicious parties?
  • Organisational culture is more difficult to engender from afar.
  • A lack of supervision may allow mistakes or malicious acts.

Equipment:

  • Are employees using personal IT?
    • If so, has it been securely configured?
  • Has all corporate IT been securely configured?
  • Do any physical security measures need to be considered at employee homes?

To counter the insider threat, organisations must be flexible enough to discover and understand emergent vulnerabilities. Companies need to add threat intelligence to vulnerabilities to see where holes might be exploited. Only then can they identify ways to ensure that the business can be kept secure.

An Arcanum risk assessment will help you to plug these holes with robust and comprehendible policies, procedures & guidance (PPG); physical and technical controls and; risk management strategies. Arcanum can conduct tailored or full audits of existing PPG and help you to engender a secure working culture in your organisation.

Arcanum has the experience and knowledge of the UK’s CNI to help protect your company whilst working remotely. We have a team of expert cyber security consultants on hand to support you. Get in touch with Arcanum and we will help you with:

Please note Arcanum Cyber Security are still fully operational. For more information please do not hesitate to get in touch today.

Please email contact@arcanum-cyber.com

 

Sources:

[1] www.medium.com

[2] www.techradar.com/uk

[3] www.msn.com

[4] www.techradar.com

[5] www.cisomag.com

[6] www.power-eng.com

[7] www.securityweek.com