PLDT Home

Breaking News

How do you Defend Against Cyberattacks at Home

Defend Against cyberattacks

As the well-known cybersecurity mantra says, getting hacked is not a matter of "if," but of "when." We should all be prepared for a never-ending defensive war against unseen opponents.

The business process outsourcing (BPO) industry, one of the most successful and job-creating in the last four years, poses unique challenges to this way of thinking. HP and Intel Corporation hosted a webinar titled "From Wall to Wall: Fostering Cybersecurity in the Age of Hybrid Work" to help local cybersecurity professionals deal with these difficulties.

Defend Against cyberattacks

The webinar's goal was simple: to persuade business owners to embrace the difficulty of developing a sustainable remote work strategy as more and more offices, in response to the ongoing Covid-19 pandemic, switch to a hybrid model in which many workers work from home. Because of this, wherever in the world, work machines are open to cyberattacks from sources other than the company's internal network.

Defend Against cyberattacks

“The common misconception is that ‘I have an antivirus and I have a firewall, and we’re good.’ But in a previous webinar, also organized by HP and Intel, Christian Edmond Reyes, Managing Director of HP Philippines and Pakistan, warned that due an era of a dispersed workforce “the threats and the risks of vulnerability are much higher.”

According to data presented at a webinar in titled "Forging a Safety (Inter) Net for the Agents," organized by the National Bureau of Investigation (NBI) Cybercrime section in the Philippines, the number of phishing assaults increased by 200% in comparison to the previous year. It also referred to research by Russian cybersecurity firm Kaspersky, which found that the Philippines was the most vulnerable in Southeast Asia to cyberattacks for two years running.

“One of the points of vulnerability is usually the employee and that’s where education is important and primarily because sometimes you can just receive an innocuous email with a seemingly harmless link. You click it and it wreaks havoc,” Reyes said. “HP wants to be able to help our partners to be more secure, prevent any disruption, prevent any cyberattacks that can cause damage to your reputation, your productivity and has financial repercussions.”

Ensuring BPO security at home, amid RTO mandate
According to 2019 data, the business process outsourcing (BPO) industry in the Philippines employs almost 1.3 million people, significantly boosting the GDP of the country. During the following two years, the IT & Business Process Association of the Philippines (IBPAP) projects a 5.5% increase in revenue.

With the current health and safety restrictions in place, the association figured that an average of 70% of the workforce is still working from home.

Cybersecurity is one of the hardest aspects of hybrid employment to manage for organizations. This is mainly because the country is constantly hit by web attacks, RDP attacks, and mobile malware. All hybrid employees, not just IT pros, must battle hostile attacks.

Figuring out a viable “back-to-work transition
Cybersecurity risks are one reason BPO firms opposed the government's return-to-office policy. BPOs were meant to end work-from-home arrangements with employees by April 1 or forfeit tax benefits. Cybersecurity-wise, the subsequent disruption would be like self-induced sabotage.

Each company's IT team needs time to design a "return to work" transition to ensure network security in an RTO situation. The difficult task involves scanning all returning machines that didn't use conventional business cybersecurity software while remote work.

“These devices are often the focus of hackers,” a cybersecurity consultant pointed out. “Properly scanning them all and updating their security patches would take time, especially for a small IT team.”

Empowering the end-user
Kaspersky data shows that end-users face more web risks internationally. The Philippines detected 14 million end-point threats in the first half of 2022. This aligns with more employers implementing hybrid work. It underlines the necessity for comprehensive IT security that starts with well-trained end-users.

“When you’re working from home, every asset that you use to connect to the company network and do your work, including your personal smart devices, they all become potential entry points of attack,” said Angel Redoble, First Vice President and Chief Information Security Officer for PLDT Group. “As a responsible employee, you need to declare them to the cybersecurity team, so they can properly secure them as vital assets. In a BPO, however, the agents themselves are the most important assets and you need to empower them with adequate training.”

Redoble added that employers should conduct a continuing end-user training program and not the usual one-off awareness seminars. To keep them vigilant and abreast of the latest threats, agents should be subjected to phishing simulation drills both impromptu and pre-announced. This way the company can monitor their readiness as well as their need for supplemental training.

Beyond providing training, employers should also make it a point that employees understand that the benefits of working from anywhere come with added and serious responsibilities.

“If your employee is aware that the end-point is their responsibility, and part of their duty to flag you immediately whenever they encounter something unusual or weird, that would go a long way to improving your company’s resilience to cyberattacks,” said Tim Scyner, Director of Sitel Group Physical Security.

Scyner added employee awareness can also assist spot malware assaults and data breaches. The cybersecurity team's top focus should be providing them with safe gear and infrastructure.

Investing in powerful software, hardware security
Experts recommend HP Wolf Security for a blended workforce. HP expert Mohammed Khan stated in a webinar that the security platform offers multi-layered endpoint protection incorporated into HP PCs and printers.

HP Wolf Security uses micro-virtualization to contain risks. HP provides a virtual air separation between the program and the host PC, shielding the device's operating system from malicious attackers.

With enhanced capabilities of hackers, PC protection must also include hardware security. Intel's vPro technology protects against firmware assaults with hardware.

“Intel’s vPro platform offers built-in, system-level security that starts in hardware, and improves foundational security, data, and workload protection. The platform also includes capabilities for remote access, to allow IT administrators to install security patches and repair PCs,” said Khianto Liang, SEA & Korea Regional Manager for Intel Corporation.

Cybersecurity tips
At the latest webinar (“From Wall to Wall….”), both Redoble and Scyner traded priceless insights and defense tactics that the webinar attended found useful, especially in the hybrid work scenarios.

“Implementing a holistic or wall-to-wall cybersecurity program involves building and enhancing your predictive, preventive, detective, and responsive capabilities,” said Redoble. “Underlying them all is visibility, or knowing exactly what your systems and assets are, and from there understanding your threat landscape. You cannot possibly defend them if you are not sure what they are and what their vulnerabilities are.”

“Sooner or later a determined hacker will eventually get into your system,” Scyner declared. “In preparation, what you can do is delay them from causing any trouble. Build a maze with as many obstacles and dead ends as possible. Just delay the hack long enough for your team to detect it and shut it down.”

“HP is aware of the very real challenges that BPO companies have been having, transiting from the work-from-home setup and into the hybrid workspace,” said Kris Seville, Enterprise Sales Manager of HP Philippines. “We would very much love to hear from you so that together we can explore how HP Philippines can help address your specific situation.”

Capping the informative discussions, webinar organizer HP Philippines assured cybersecurity professionals in the BPO industry that it will continue to work with its partners to ensure robust, wall-to-wall cybersecurity is in place to deter all malicious actors.

To watch the full webinar, a recorded version is available via this link: https://www.facebook.com/HPphilippines/videos/458925112532945

For more tech news and gadget reviews, please follow us on Facebook (facebook.com/Adobotech), YouTube (Adobotech TechBlog), and Twitter (@adobotech). 

No comments