Bring Your Own Device or Bring Your Own Malware?

Author: Yaniv Marks, Project Manager at IAI-Elta Cyber division

Bring your own device or bring your own malware? – During the Covid-19 era more people began working from home, which raises many challenges in the enterprise cyber security field. Moreover, the number of effective cyber attacks is rising. Therefore, the need for advanced cyber security systems, enabling cyber hygiene is also rising.

According to a Cisco report, published October 2021, remote working in March 2020 reached a level where two-thirds (62%) of organizations globally had more than half of their workforce working remotely, compared to only 19% before the pandemic. The Cisco research, however, reveals that less than 50% had sufficient cybersecurity in place to support this transition. Finally, the Cisco report indicated a large increase in cyber attacks during this era, as 61% of organizations globally have experienced a jump of 25% or more in cyber threats and alerts since the start of COVID-19.

One of the CISO’s (Chief Information Security Officer) main tasks is to ensure an adequate cyber security protection in face of these rising challenges, while at the same time maintaining business continuity.

This period’s business reality, which forced the market to send employees to work outside the cyber secure organizational perimeter, created a challenge.

By way of example, from the organizational CISO’s point of view, when an employee connects their computer to the corporate infrastructure remotely the challenge doubles:

1. The employee’s personal computer is not configured and hardened according to the organization’s cyber security policy. It is, therefore, less secure than computers that belong to the organization.
2. The employee’s personal network at home (usually WiFi) usually is less secure and serves other computers and devices that are not affiliated with the organization (e.g. for home schooling of the employee’s children).

Even if the employee is equipped with a computer from the company, this does not necessarily guarantee that he will be the sole user of the computer. One potential layer of protection that many organizations use is a VPN connection to the company’s servers. However, this layer also has its drawbacks, especially if an attacker already succeeded in introducing malware into the employee’s computer.

Following are two recommendations on increasing cyber security capabilities, which are based on existing capabilities included in the currently available computers:

1. Virtualization, combined with a secure boot, enables building a trusted environment in the computer.
2. SGX technology enables inaccessible writing applications (since the code is encrypted and opens only in the processor) even to layers residing under the operating system. Generally, SGX enables creating a protected Enclave (container) within the processor in which the application will run in a safe mode. It should be noted that the application’s code and data are encrypted and decoded only when the application runs in the processor. The code is also encrypted from malware residing in the operating system.

Finally, it is important to remember that within the cyber-security paradigm, the weakest link is the always the human factor. The bottom line is that the organization’s ability to enforce employees to observe cyber hygiene, while working from home, is more limited and is usually based on good will.

Therefore, CISO’s that wish to elevate their organization’s cyber hygiene, especially with employees working from home, should ensure that part of their short term workplan includes cyber training, cyber awareness and cyber drills. IAI’s experience indicates that hands on training as well as e-learning are extremely effective in improving employees’ cyber awareness and are usually very welcome by the employees. The IAI TAME Range platform is a state of the art, field proven, cyber training platform, allowing to effectively train employees as well as IT and cyber security teams, and to overall improve the cyber security posture of organizations.

Summary

Bring your own device or bring your own malware? – Pursuant to the Covid-19 outbreak, an increasing number of organizations adopt remote work and hybrid work solutions, increasing the organizations cyber attack surface. It is highly recommended to assimilate built-in solutions for cyber hygiene, also while work is done on the employee’s personal computer. Furthermore, organizations that wish to elevate their cyber security posture must strive to include cyber training, cyber awareness campaigns and cyber drills in their workplan. The IAI Tame Range platform is an extremely useful platform for these types of activities.

Follow Us

Bring Your Own Device or Bring Your Own Malware?