Organizations that rushed to implement remote-working without tightening cybersecurity now also need to worry about operational technology, argues this OT and IoT representative.
As businesses in the Asia-Pacific region (APAC) adapt to a remote-workforce, a new hybrid workplace is emerging, as typified by a recent report by Microsoft.
The research points to a 200% increase across Asia in Teams conversations during weekend hours, and between 15% and 23% outside of the ‘typical’ workday during the week. While some workers are disappointed in the trend, others have found relief in this flexibility and are thriving away from the physical office.
Regardless of which side you are on, the message is clear: remote access has enabled us to do all or most of our work from our home offices in a secure, sensible way, buoyed in many parts of Asia by recent investments in networks and broadband technology to sustain it.
Across Asia, CIOs, CISOs and IT managers have made a huge effort to ensure businesses and staffs continue to operate and adapt to new circumstances. However, if remote work is here to stay for the long-term, deeper changes are needed to ensure remote work remains sustainable and secure.
Many CISOs in APAC have admitted they were sacrificing security to enable remote-working quickly. A key question to address is: how will technology and cyber leaders always keep their critical systems and operational networks running when staff are able, encouraged or even mandated to work remotely.
Cybersecurity from the outside in
Over the years, many organizations in APAC have built their security around the hub or main office. If you are on the inside, it is assumed you have permission to access data and applications. Therefore, much of the security posture is designed to keep the wrong people out of that environment. But with staff now physically on the outside, how can we ensure they have the access they need without opening the doors to the wrong people?
This requires a thoughtful balance of safety, productivity and cybersecurity risk. One small oversight can leave organizations open to cyber risks and negatively impact staff, reputation, revenue and a company’s ability to survive.
At the same time, if systems are too restrictive, staff cannot operate effectively and will not be able to deliver the same value from their remote-work locations compared to what they delivered at the corporate office.
In the early months of the pandemic, organizations focused heavily on this shift to remote work, meaning typical cybersecurity check points and protocols may have been neglected. Cybercriminals are aware of this, and have stepped up their efforts in attacking organizations across Asia.
Operational Technology matters
While attacks evolve over time and new attacks emerge, there is a clear upward trend of attacks aimed at critical OT infrastructure, which, in the context of organizations such as an energy or water supplier, is vital to keeping operations running.
With this sharp increase in remote-working and remote access, it has never been even more vital for organizations in Asia to prioritize OT cybersecurity and reduce their risk.
To manage these threats and maintain resilience, we encourage APAC businesses to include both IT and OT personnel in cybersecurity training and planning. There are simple but important steps businesses can take to get ahead of the threats:
- Increase visibility into the OT environment by using passive traffic monitoring to identify and baseline critical assets and operational states.
- Bolster detection capabilities with anomaly detection technology in IT and OT environments.
- Apply a health check to network infrastructure and ensure correct network segregation and firewall policies are in place.
- Ensure all devices and services are patched. It is also important to shorten patch cycles, particularly for those that protect remote infrastructure. Where appropriate, use virtual patching to complement existing patching processes until a permanent patch can be conducted.
- Deploy a resilient backup policy that supports quick access to impacted files.
- Perform asset hardening to disable services used by ransomware for propagation.
The full impact from remote access is far from realized, but one thing is clear: we will not be returning to the pre-pandemic norm as we knew it. How Asian tech and security leaders approach this new reality will determine how the region competes in an amplified digital economy.
