Remote working has made cyber threats more prevalent globally. Now more than ever, cybersecurity must be at the forefront of business processes. Telecom Review Asia interviews Bernadette Wightman, managing director, banking and financial services, BT, to find out more about cybersecurity challenges that stem from hybrid working and best practices to adopt as organisations tackle evolving risks.
The pandemic has upended work and accelerated remote working globally. With hybrid working becoming a new pattern in the global workforce, what are some of the challenges faced by organisations?
The pandemic gave millions the opportunity to experience the benefits of working from home. The main challenge is to move on from the emergency arrangements of the past year and enable ways of working that can support a diversity of workstyles. This needs to be done sustainably and for the long term. It applies to all businesses: those that want to re-introduce office-based working style, those that will allow ‘work anywhere’ for all, and every variation in between.
What makes this challenge hard is finding the right balance between the three core pillars of hybrid working: collaboration, connectivity, and security. This combination will be unique for each organisation. If hybrid working is to be the norm, then it needs to meet all the standards of accessibility, service quality, and inclusivity of the old, office-centric model. Security, of course, remains paramount.
How can organisations improve the existing infrastructure to support new and evolving needs?
The good news is that most organisations already have the tools and services needed – they only need to work out how to choose, combine, and deliver those services in a way that allows people to be productive, collaborative, motivated, and well-protected. Over the course of last year, enterprises have already embarked on digital transformation programmes, started to develop hybrid networks, and prioritised security.
It is not about choosing only one ‘right’ collaboration technology to increase productivity and achieve business outcomes. What employees need is different tools for different jobs, and that choice should be left to them. The key for employers is to enable that choice, figuring out how to bring together this variety of tools and services behind the scenes so that people have a consistently brilliant experience wherever they are.
A supportive infrastructure must also be adaptable and resilient. Improving local area network performance is critical to enabling new ways of working. Office networks are under severe strain with video meetings up more than 300% and will remain as the new norm.
In addition to the local area networks, organisations must also improve networks connecting employees working from home. Software defined networking is especially useful when it comes to providing optimal home working experience at a relatively low cost.
Most importantly, networks and applications need a solid security wrap delivered through technology as well as people. We call this switching on human firewall. This means investing in governance and training and maintaining the cyber hygiene.
How does BT support organisations in adopting best practices to help them successfully deploy a diversity of working styles?
At BT, our services, platforms, and partners are equipped with local and global expertise to help organisations adopt industry best practices and standards.
BT enables a choice of platforms – Microsoft, Zoom, and Cisco – that work together through session layer and the right network, to ensure organisations provide the best collaborative experience for employees, whatever the platform and wherever they choose to work. That is putting people first and setting them up for success in the hybrid working world.
When it comes to building a supportive, adaptable, and resilient infrastructure, we help organisations ask the right questions to arrive at new insights. These insights are key to understanding what traffic to prioritise, where the bottlenecks are, and how organisations can fine tune their network for the best user experience.
We are also a cybersecurity specialist and partner. What we bring to the table is intelligence, experience, and operations to help organisations respond in real-time to the rapidly evolving threat landscape and the unpredictability of the future of work.
Cybersecurity is a growing threat exacerbated by remote working. How can organisations better protect people, data, and services to mitigate breaches and losses?
Cybersecurity is now the number one priority for business leaders and the pandemic has only reinforced its importance. According to our ‘CISOs under the spotlight’ whitepaper, more than half – 58%– of leaders say that improving data and network security has become even more important for their organisation in the past year.
On the other side, we can see the erosion of trust among consumers. Less than a fifth – just 16 per cent – of those asked said they strongly agree that they trust large organisations to protect their personal data. And almost two thirds, or 64 per cent, said they would recommend a large organisation that they think makes a big effort at keeping their data secure. There is a real opportunity for organisations to make security a key differentiator.
They can do this by first getting the basic cybersecurity measures right – which means knowing their security inventory and ensuring routine software patching is never missed. They must then focus on employees, helping them protect the company by understanding the threats and ways to manage them. They should also bake and embed security into every application and every service, right out of the gate, taking preventive rather than reactive measures.
The role of Chief Information Security Officers (CISOs) is critical to the success and protection of businesses. How can CISOs bridge gaps between policies and practices in organisations?
We have seen huge gaps between policy and practice. Just under a third of executives say IT security is excellent at educating colleagues about the need for security. And less than half – or 45 per cent - say they have received training on data security.
Moreover, employees do not admit to mistakes. Nearly half of employees say they personally have had a security incident but have not declared it. Only one in three are 100 per cent aware of the policies and procedures they should take to protect the security of their organisation’s data. A key issue is also making sure an organisation protects data when people leave the business.
For CISOs to bridge these gaps, they need to power up and reinforce the human firewall. One of their most important tasks is to help their colleagues across the organisation to understand that they are a key line of defence.
CISOs should educate and coach teams on how to behave safely online, help employees appreciate the impact a breach would have on the organisation and brand, and create a culture where it is encouraged and safe to speak up, to admit mistakes.