cybersecurity and the remote-working revolution

1

A guide to protecting your data, your business and your employees, now and in the futureEMEA edition

CYBERSECURITY AND THE REMOTE-WORKING REVOLUTION

© 2020 AT&T Intellectual Property. AT&T, Globe logo, and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners.

Overview ____________________________ page 4

The future of remote working __________ page 5

Cyberattack vulnerabilities on the rise ___ page 6

Protect your business: four steps toward success _____________ page 9

From CSO to CSO _____________________ page 10

Securing the cloud: four steps toward success _____________ page 11

Sector view

Retail ________________________________ page 12

Finance ______________________________ page 13

Healthcare ___________________________ page 14

Manufacturing _______________________ page 15

Cybersecurity links to success __________ page 16

The end of the perimeter ______________ page 17

References ___________________________ page 18

Table of contents

2© 2020 AT&T Intellectual Property. AT&T, Globe logo, and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners.

Sleepwalking into a cybersecurity nightmare?As companies around the world began to shut offices and switch millions of employees to remote working, it brought new challenges for the workforce and for business. Many of those workers are still there – with the dining table doubling as the desk, or the spare bedroom operating as a makeshift home office.

To allow for this dramatic change, IT teams worked furiously to deliver the ‘new’ world of videoconferences, instant messaging and collaborative virtual meeting rooms. Getting all that tech up and running was just one part of the equation. Protecting the data and the people that use it is even more critical – and our research suggests it’s the challenge cyber experts fear the most.

To stay ahead of cybercriminals, companies need a unified approach that aligns their people, processes and technology. That transition from offices to homes needs reinforcement of cybersecurity policies and best practices.

Even after employees return to the office, they will increasingly expect to have the flexibility of working remotely, whether that’s from home, on-site or while travelling.

Now is the time for investing in and implementing technologies to support this transformation for the long-term. We know from our own research that the most successful businesses prioritise cybersecurity. The way business operates is changing, and IT departments, and their cybersecurity teams, must keep pace. This is no time for misplaced confidence. Cybercriminals, having seen an opportunity, are finding new ways to capitalise on vulnerabilities. Companies need to wake up to the threat, or risk becoming the next victim.

If you’d like to learn more about AT&TCybersecurity’s end-to-end managed solutions,and our position as #1 in MSSP Alert’s Top 250#MSSP List for 2020, contact me and I’ll putyou in touch with the team.

JOHN VLADIMIR SLAMECKA, EMEA PresidentAT&T Business


https://www.msspalert.com/top250/list-2020/25/

https://www.msspalert.com/top250/list-2020/25/

mailto:rm-JohnVSlamecka%40intl.att.com?subject=contact%20AT%26T%20report%20Cybersecurity%20and%20the%20remote-working%20revolution

This report, which is informed by a survey of 800 cybersecurity experts across the UK, France and Germany, looks at the new pressures facing cybersecurity professionals today. It identifies what businesses need to consider to help protect their organizations and realign themselves for a long-term move to remote and/or hybrid working.

Organisations that prioritised cybersecurity before the pandemic will need to re-evaluate and reinforce their systems and processes and assess new risk factors.

Organizations that hadn’t invested in cybersecurity previously will need to act quickly to implement security measures and mitigate risks. Faced with uncertainty in every direction, companies need to balance the ability to respond quickly and effectively to new and unforeseen challenges. They also need the agility to take advantage of new opportunities brought on by the introduction of new technologies like 5G, IoT and AI.

In this report, we share our thoughts on how organizations can best navigate these unchartered waters, based on both the testimony of cyber experts and what we are seeing across our customer base of leading organizations in every industry.

Overview

About AT&T Cybersecurity

AT&T Cybersecurity helps make your network more resilient. Together, the power of the AT&T network, our Cloud-based solutions with advanced technologies including virtualization and actionable threat intelligence from AT&T Alien Labs and the Open Threat ExchangeTM, and our relationship with more than 40 best-of-breed vendors, help accelerate your response to cybersecurity threats. Our experienced consultants and SOC analysts help manage your network transformation to reduce cybersecurity risk and overcome the skills gap. Our mission is to be your trusted advisor on your journey to cybersecurity and network resiliency, making it safer for your business to innovate.


COVID-19 and remote working has accelerated change: cybersecurity experts must prepare for what comes nextAt the beginning of 2020, no one could have predicted that most European office workers would be spending the majority of the year working away from the office. But the biggest surprise of remote working may be that it has worked so well.

Due to the continuing disruption of the pandemic and the fact that some businesses are managing the transition to home working so effectively, some high-profile businesses have committed to

home working until at least 2021. Others have cancelled office leases and are currently drawing up plans for a hybrid working model with a staggered return to the office at some point in the future.

Even when workers were allowed back to their offices in August, data suggests that just 50% of people in five big European countries were spending every working day in the office.

The question is now whether this will continue after the threat of the pandemic has passed.

For cybersecurity experts, there’s a lot riding on the answer to that question. Extended home working requires new hardware, software and more secure collaboration technology. It also requires a rethink in how companies can protect a workforce that may be located across town or even around the world.

Cybersecurity experts from the largest businesses expect major changes in the coming year.

66%

60%

Two thirds (66%) predict an increase in remote working

Three in five (60%) expect more digital transformation of business processes and cloud implementation in the year to come

60% 52%

48%

More than half (52%) believe that their business will adopt new automation and robotics tools

Nearly half (48%) will change their technology provider


70% of large businesses believe remote working makes them more vulnerable to cyberattacksIn June 2020, not long after the first wave of the pandemic was waning, AT&T conducted a survey of 800 cybersecurity professionals across the UK, France and Germany to better understand how they were responding to the challenges of COVID-19 and a new remote workforce.

The results showed that cybersecurity experts initially had a lot of confidence in their ability to manage a transition to a largely remote workforce.

According to the survey, 88% initially felt well prepared for the migration. However, more than half (55%) said that widespread remote working was making their companies more or much more vulnerable to cyberattacks. The figure jumped to 70% for large businesses with more than 5,000 employees.

This belief is not misplaced. Cybercriminals are taking advantage of the fear and uncertainty

surrounding issues like the current global health and economic situation, as well as sudden shifts and exposures in IT environments, to launch attack campaigns.

In March, as the global pandemic was declared and organizations around the world began implementing wide-scale remote working policies, OTX experienced a 2,000% month-over-month increase in COVID-related IOCs.

Cybersecurity experts share top concerns when dealing with a newly remote workforce.

44% 39% 28%

39% 39% 33% 28% 26%

ransomware and/or malware attacks

external threats such as nation-state attacks or hacking

distributed denial of service (DDoS) attacks

phishing unintentional employee mistakes resulting in data breaches

intentional internal sabotage


Employees identified as the greatest risk factor Nearly one in three (31%) cybersecurity experts cited employees' lack of awareness, apathy, and/or reluctance to adapt to new technologies as one of their main challenges in implementing good cybersecurity practices within their business.

And there’s a reason why so many cyber criminals target employees. As Echo, the EU’s cybersecurity

network, recently pointed out, hackers are taking advantage of the significant, often improvised transition to online working and schooling. They are also exploiting the concern, angst and (perceived) lack of information individuals are feeling in the wake of social unrest to get them to lower their guard against suspicious cyberattacks.

Remote-working employees are putting their companies' data at risk.

35% 32% 29%

32%

32% 29%

28%

28% 24% 18%

are using devices for both work and personal use

are accessing corporate networks and data through unsecure consumer Wi-Fi connections that are not controlled by the company

are using third-party videoconferencing services that are not considered secure and are not authorized by the company

are accessing corporate networks and data from personal laptops and devices that are not managed by the company

are accessing the internet and web-based applications via private Wi-Fi connections due to delays in their company’s virtual private network (VPN) connection

are sharing or storing sensitive information in unsanctioned cloud applications

are sharing their work device with another family member


https://echonetwork.eu/wp-content/uploads/2020/04/20200408-ECHO-WhitePaper-Hackers-Mindset-FINAL.pdf

…but are companies addressing the problem?

According to cybersecurity experts from companies of all sizes:

25% 24% 22%

24% 17%

have not offered additional cybersecurity training for employees

have not increased endpoint security to protect laptops and mobile phones

have not created secure gateways to applications hosted in the cloud or in a data centre

have not implemented internet browsing protection from web-based threats

While many businesses have introduced new cybersecurity measures to mitigate risks since the onset of COVID-19, many have not taken basic steps to protect a suddenly remote workforce.


“Working from home changed the exposure of enterprise to cybercriminals. The lines are blurred. Endpoints accessing corporate applications and data are now connected to an uncontrolled infrastructure via VPN connections.

Couple that with companies moving to the cloud so quickly that, in some cases, their security is not keeping up. A year ago, strategic talk was of making that move in the next 3-5 years and now the common question is, ‘can we get it done in the next 18 months?’ Having a multi-layer, managed security posture is important, perhaps now more than ever.”

GARY OLSONVP, Americas, EMEA & APAC Sales at AT&T CyberSecurity

Provide remote access security

Giving administrators the ability to access specific applications hosted in the cloud or the data centre allows workers to stay productive and protected against web-based threats, including zero-day attacks. A global security gateway provides highly secure access and unified protection against web-based threats across all users.

Secure laptops and mobile devices

Employee endpoints – including both company-owned and BYOD laptops and mobile phones – are potentially vulnerable to cyber attacks. Unified endpoint security solutions provide support across device onboarding, deployment, configuration and enrolment, helping organizations to roll out endpoint protection quickly and efficiently.

Reinforce security best practices

Regular awareness training is at the heart of building a workforce and culture that understands cybersecurity risks and takes them seriously. Reinforcing cybersecurity policies and best practice through engaging training solutions is the best way ahead – and working with an external advisor on this can save cybersecurity professionals’ time when it comes to building training modules.

Protect employees’ online browsing

Employees need to be confident that they’re protected from web-based threats, wherever and however they connect to the internet. Enterprise traffic protectors help provide that users won’t be harmed by trojans, ransomware and phishing attacks – even when they log on outside the corporate network.

Protect your business and your people: four steps toward success


CSO thought leadershipThe world changed with COVID-19. And frankly, it was remarkable how IT kept pace. Just a few years ago, things like work-from-home and curbside retail were security exceptions to be managed. The scale and speed of this year’s virus demands might have ground them to a halt.

But we saw what actually happened. AT&T and other global networks were able to handle the traffic shifts. Many employees had the equipment they needed to work from home. And businesses with viable online models were already years into perfecting them.

COVID-19 was “go time,” not “stop time.”

The problem is that it’s not just the good guys who are adjusting to the new world. So, here are four thoughts:

• The attack surface has changed, and it’s likely to stay changed. You’re familiar with the new basics, such as monitoring remote access and devices. You know that the action to watch is now at the VPN head-end, not in the local network. But are you budgeting properly for next year? Make sure your security plans align with the back-to-work strategy of your business.

• Cloud is a key play for security and continuity. Its very nature helps keep your business locally and globally resilient against pandemics and other major events. The security needs are different – beyond guarding an enterprise perimeter. But the benefits can be worth it.

• Digital transformation helps security, too. When you use good practices in your development cycle, and when you deploy infrastructure as code, you get protections in place quicker. It’s a good way to help keep pace with attackers.

• 5G and IoT are real. LAN speed is old news. Your people and processes are remote – and 5G will help give them highly secure, high speed and low latency connections like they were on your campus. Are you looking at the infrastructure to take advantage?

My job as CSO of AT&T is to oversee security for one of the largest networks in the world – with more than 390 petabytes of data crossing it on an average day. I work closely with my colleagues in AT&T Cybersecurity who provide managed security services to enterprises like yours. We’re in this together, to help make sure all of us are protected and thriving.

BILL O’HERN, EVP & Global Chief Security Officerat AT&T


Protect web applications

DDoS security solutions preserve the availability of networks circuits that connect an organization’s employees, customers and partners to public-facing web applications. Remote technicians can take swift action to block malicious traffic, allowing legitimate transactions to continue uninterrupted.

Monitor public cloud environments

Threat detection and response services provide continuous and vital security monitoring for public cloud IaaS and SaaS environments, working alongside on-premises network and endpoint monitoring. Adopting a platform-based approach helps reduce the complexity and cost of security monitoring, allowing organizations to get started quickly, while threat intelligence updates help them stay up to date as the situation changes.

Identify web application risks

Bespoke scanning solutions assess an organization’s suite of web applications and APIs, identifying vulnerabilities including cross-site scripting (XSS) and SQL injection. Regular testing helps produce more consistent results, reduces false positives and can be scaled up easily to cover thousands of websites.

Assess cloud readiness and risk

Threat and vulnerability management services allow organizations to bring in a trusted advisor to help assess cloud security controls and identify any configuration issues or vulnerabilities. By gaining a comprehensive view of an organization’s cloud inventory, the location of its assets and its public cloud security posture, consultants can build the right response and prioritize vulnerability mediation.

Protecting the cloud to allow for business continuity: four steps toward success


SECTOR FOCUS: RETAILPerhaps no other industry has experienced the transformative impact of COVID-19 as acutely as the retail sector. Having managed the shift to omnichannel retail over the past decade, the pandemic robbed the sector of customers at physical locations overnight. In fact, 23% of cyber security specialists at retailers said they were unprepared for the move to remote working, compared to an average of 11% across all industries.

But the sector rallied quickly and pivoted to providing customers with more online options (which increased the complexity of their logistics networks) and integrated new technology like contactless payments.

All this has increased their vulnerability to cyber threats, with 33% of cybersecurity experts in retail saying that an increased demand for products and services was one of their main challenge to implementing good cybersecurity practices (compared to a cross-industry average of 29%).

Retailers rely on their customers’ trust. As they work to adapt to sudden, widespread disruption to the normal flow of operations, cyber risk must be addressed in parallel. With solutions that support connectivity, collaboration and cybersecurity, AT&T can help retailers accelerate business transformation without compromising on cybersecurity.


SECTOR FOCUS: FINANCEFinancial services is one of the most targeted industries for cyberattacks. And cybersecurity experts are feeling the heat. But it’s not the external factors or employees who are causing them the greatest concern.

38% of cybersecurity experts in the financial industry say that one of their top three challenges to implementing good cybersecurity practices is inadequate IT/cybersecurity personnel support due to illness, reduced staff, increased workload or lack of training/know-how. 34% cite increased external demand for their company’s products or services, which puts pressure on resources.

Furthermore, despite being well prepared for the move to remote working, cybersecurity experts in this sector cite poor cybersecurity hygiene from employees, with 38% of cybersecurity experts saying remote workers are accessing corporate networks and data through unsecure consumer Wi-Fi connections that are not controlled by the company.

Faced with a multitude of urgent cyber risk and compliance challenges, CISOs and cybersecurity leaders should engage a trusted advisor to help prioritise their actions and investments. AT&T Cybersecurity can help organisation navigate complexity and cost with a unified approach that aligns people, process and technology.


SECTOR FOCUS: HEALTHCAREHealthcare was naturally at the heart of all countries’ response to the pandemic. As frontline workers stayed in hospitals to treat the sick and provide the essential first response, countless support staff rapidly moved to a remote environment and relied extensively on videoconferencing tools to stay connected to their colleagues and patients.

The industry – still predominantly based around hospitals and other physical locations – was the least prepared for this change, leaving organizations particularly vulnerable to threats given their relative lack of maturity.

• 29% of cyber security specialists at healthcare organizations said they were unprepared for the move to remote working, compared to an average of 11% across all industries.

• 34% of cybersecurity experts ranked employees’ lack of awareness, apathy and/or reluctance to adapt to new technologies as one of their main challenges in implementing good cybersecurity.

As workers transition from offices to their homes, practicing good cybersecurity hygiene becomes even more critical. During this transition, organisations should take time to reinforce cybersecurity policies and best practices. AT&T Cybersecurity can help with security awareness training solutions that address individual accountability in maintaining an organizations’ cyber risk posture.


SECTOR FOCUS: MANUFACTURINGAs COVID-19 threatened supply chains with the risk of shutdown and forced manufacturers to re-tool operations to comply with social distancing, additional disruptions from cyber incidents would have had even more of an impact than usual.

COVID-19 related phishing campaigns regularly targeted the world’s best-known shipping and logistics companies, and business email compromise attacks using coronavirus themes were rife.

• 34% of cyber security specialists in manufacturing companies said that their top concern was the increased frequency and/or sophistication of cybersecurity attacks.

• 47% listed phishing as the greatest cyberthreat to their business.

Today’s modern workforce needs the ability to have protection when they connect to the internet, wherever they are conducting business. AT&T Enterprise Traffic Protector helps protect users against web-based threats including trojans, ransomware, and phishing attacks, even when they are off the corporate networks. Administrators can also enforce acceptable policies, customised by department or user to provide that the websites they visit are safe and appropriate for the workforce.


Business success related to cybersecurity focus

Please rate your level of agreement with the following statement : My organisation's security posture makes our overall business success much more likely (Percent of respondents)

Organisations' revenue performance, by cybersecurity matury

Thinking about your company's latest fiscal year (FY), which of the following represents its performance relative to its revenue goal ? (Percent of respondents)

The most successful companies prioritise cybersecurity Cybersecurity isn’t just about defense. It’s also the best offense for a business that is looking to grow and innovate. According to our research, there is a correlation between successful businesses and cybersecurity acumen.

The report’s research – which surveyed 500 cybersecurity and IT professionals directly involved with their organisation's cybersecurity strategies, controls and operations – divided organisations into ‘emerging’, ‘following’ and

‘leading’ categories based on their cybersecurity maturity. Respondents from ‘leading’ organisations viewed security as “an enabler” of business initiatives five times more often than their peers at ‘emerging’ organisations.

These ‘leading’ organisations strongly agree (73%) that their security approach makes overall business success much more likely. Security professionals at these companies also tend to think of themselves as business

enablers – there’s a productive relationship between business and security teams, rather than security being seen as something that just says “no”.

Strong security can provide a vital foundation for organisations to be more ambitious with IT-led business initiatives like digital transformation – 57% of ‘leaders’ claim to have exceeded revenue goals by more than 7%, compared to 25% of ‘followers’ and just 13% of ‘emerging’ organisations.

Leading orgs are 2.3x more likely than emerging orgs to draw a direct line from security to business success.

Emerging organisations (N=197) Following organisations (N=203) Leading organisations (N=100)

Emerging organisations (N=197)

Estimated mean overperformance: 3.14%

Following organisations (N=203)


Leading organisations (N=100)


Strongly agree

We exceeded our revenue goal by 7%+

Agree

We exceeded our revenue goal by 2% - 6%

Do not agree

We did not exceed our revenue goal

34% 50% 79%

13% 25% 57%

48% 44% 21%

61% 62% 34%

18% 6%

26% 13% 9%


The end of the perimeter: cybersecurity must adapt to the age of remote workingThe cybersecurity landscape is constantly evolving. In the 1990s, anti-virus products emerged to combat hobbyist hackers looking to prove their computer science savvy, but organisations today face a far more complex and sophisticated set of threats. Actors in the new world of commercialised cybercrime can launch a potentially catastrophic cyberattack without being technical experts. Commercialized cybercrime is fully supported on the Dark Web. Cybercrime is now as easy to perpetrate as a call to the help desk.

COVID-19 and the resultant shift to a majority-remote workforce for many organisations has exacerbated the ease for cybercriminals to take advantage of current events to launch attacks. While many companies already supported some regular home-workers, the overnight surge put incredible stress on IT systems, processes, and cybersecurity teams. These unforeseen changes in the way employees connect to the corporate network, access data, and access applications increased cyber risks and vulnerabilities.

This white paper aims to explore these changes and pinpoint some essential next steps organisations should take to help provide their cybersecurity portfolio is current with

the world-changing events of 2020. Organisations should approach any business initiative with a cybersecurity-first mindset, prioritising that cybersecurity is part of the culture.

As data continues to reside in multiple locations more organisations’ network architecture will evolve to a Zero-Trust model. This concept is centred on the belief that an organisation should not automatically trust anything inside or outside its perimeters. Applications, users, and devices have moved outside the traditional corporate zone of control, making the once-trusted perimeter obsolete. The Zero-Trust model will help organisations evolve their enterprise security and networks to help protect the business and help reduce the chances of a data breach.

COVID-19 has accelerated reliance on technology – it is now essential for even basic tasks like two colleagues talking to each other. We’re all doing incredible things under difficult circumstances, but our remote-working revolution means we all face a host of new and continued cyber risks. The ability to adapt quickly is critical to help prevent a vulnerability from becoming a catastrophic breach.

THERESA LANOWITZHead of EvangelismAT&T Cybersecurity


AT&T references

• AT&T survey finds businesses believe remote work increases cyberattack vulnerability

• Why right now is the best time to assess your cyber response to COVID-19

• The relationship between security maturity and business enablement

External references:

• The COVID-19 hackers mind-set, Echo white paper #1

• The Forrester wave: global managed security services providers

• IDC marketspace for managed security service providers

References


https://about.att.com/story/2020/cybersecurity.html

https://about.att.com/story/2020/cybersecurity.html

https://cybersecurity.att.com/blogs/security-essentials/why-right-now-is-the-best-time-to-assess-your-cyber-response-to-covid-19

https://cybersecurity.att.com/blogs/security-essentials/why-right-now-is-the-best-time-to-assess-your-cyber-response-to-covid-19

https://cybersecurity.att.com/blogs/security-essentials/the-relationship-between-security-maturity-and-business-enablement

https://cybersecurity.att.com/blogs/security-essentials/the-relationship-between-security-maturity-and-business-enablement



https://cybersecurity.att.com/blogs/security-essentials/the-forrester-wave-global-managed-security-services-providers-q3-2020

https://cybersecurity.att.com/blogs/security-essentials/the-forrester-wave-global-managed-security-services-providers-q3-2020

https://www.idc.com/getdoc.jsp?containerId=US46235320

https://www.idc.com/getdoc.jsp?containerId=US46235320

Visit AT&T Cybersecurity online

THANK YOU

© 2020 AT&T Intellectual Property. AT&T, Globe logo, and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners.

www.grouperougevif.fr - Rouge Vif - 26872 - Crédits photos © Adobe Stock : pinkeyes, greenbutterfly, Siarhei, undrey, jijomathai, goodluz, Framestock, pickup, Sashkin, Michael Traitov, ty, fizkes, wutzkoh, kras99.

https://cybersecurity.att.com/

cybersecurity and the remote-working revolution

Documents