When remote working seems to continue post-Covid; what companies, employees, and even people on the computer should be aware of. To learn how enterprise-based companies are working with the challenges indica News had a chat with Cyber Security veteran, Tasawar Jalali, who has over seventeen years of experience working with startups and fortune 500 companies in risk-based Information Security programs, Compliance, and Privacy. He is the co-founder and CEO of Securenode & Smashon Inc, an online health and wellness portal. Jalali holds a BS in Engineering, an MBA in Technology Management, and a masters in Information Management Systems from Harvard University.
In a Q &A with indica News, Jalali, highlighted and talked about the growing cybersecurity risk of working remotely. He holds users responsible as well, says even though there are software tools but users’ loss of visibility is one of the areas hackers break in. Another reason is device risk like devices running entirely unsupported [OS] versions, and there are many unseen ways, the way cyber security attacks are occurring. Jalali pointing to President Joe Biden’s executive order on cyber security passed in May early this year says the president has emphasized ‘zero trust architecture’, which means trust should not be automatically granted based on the device being on enterprise network infrastructure.
How has the increased need for distributed work changed requirements?
That’s a good question. A lot of requirements have changed. The increased access to business-critical applications, Authentication Methods, and the increase in types of attacks organizations have experienced has also changed i.e., increase in credential theft and phishing/social engineering.
Some of the big cybersecurity risks stem from the fact that there is loss of visibility of user activity, potential of data leakage through end-points, mixing personal use on the work laptops increases the risk of drive-by-downloads, and maintaining compliance with regulatory requirements.
Organizations are focusing more on remote employee activity versus human-centric visibility, improved network analytics, stronger authentication, and next-generation…