With the flight to remote work happening so suddenly, senior decision makers at small and medium sized businesses simply haven’t come to reality with their cybersecurity capabilities, and in turn, vulnerabilities.

While large corporations have entire departments dedicated to these systems, SMBs often lack the knowledge and ability to have similarly robust protections in place. The big question becomes: are executives ready to address the onslaught of cybersecurity needs that come with indefinite remote work?

Confidence belies preparedness

Recent data showcases that despite confidence in mitigating cybersecurity threats, many senior decision makers are turning a blind eye to weaknesses in their newly remote organizations – such as the Zoom vulnerabilities that went overlooked for months – even though data found over half of businesses now working remote have little to no experience functioning as a remote organization. Troubling when you consider a fifth of these businesses moved to remote work without any clear policies to prevent cybersecurity threats or attacks.

Zoom has already begun reckoning with the reality that companies and organizations have had to abandon the service once security issues came to light. The conferencing service recently scooped up Keybase as part of its 90-day plan to improve security, and worked with the New York City Department of Education to tailor its product for the classroom. It won’t be just service organizations that will suddenly need to reevaluate as they acclimate to a remote-work first environment. 

The Future of Secure Remote Work

Moving forward senior decision makers at least understand and agree they need to invest more in cybersecurity (more than a fifth) and create a response plan to a cyberattack (almost a quarter). Cybersecurity has to be a critical component of any business for the foreseeable future and at a minimum, decision makers must focus on developing operational policies and procedures for data security as they shift thinking towards long-term remote work life. Almost one-third of senior decision makers agree their organizations need to be better prepared to handle a situation like this in the future.

The easiest way to start is simply to ask the right questions.

What is at stake if there was a breach and how should it be handled? Organizations must create backup strategies, maintain adequate support for workers and create incident response procedures if the worst was to occur. Data showed almost one in seven senior decision makers agree their organization has already experienced at least one cyberattack they’re aware of. The struggle to get ahead of the next threat isn’t easy, but lessons can be learned from the initial scramble to better inform remote work in the long term.

Additionally, senior decision makers must identify where the gap be closed between people, process and technology. A quarter of senior decision makers agreed their organizations needed to implement clear remote work policies to secure their businesses from cybersecurity threats when remote working. Executives need to set clear guidelines and education on best practices for remote work. Criteria must cover everything from locking their screens to ensuring secure at-home Wi-Fi to proper VPN utilization and up-to-date security software. Bad actors are always looking to exploit a crisis for their own gain and there has been a strong surge in phishing email attacks and other attacks that employees can be easily fall vulnerable to. Tightening up all the gaps between the various factors at play when employees are remote has never been more critical.

After decision makers take stock of their immediate cybersecurity gap and address them, businesses can finally start thinking about business continuity planning. Where are the next potential impacts and threats coming from? What disaster recovery tools can be implemented, what new services can be vetted and implemented for faster identification and response times?

The flight to remote work is unfortunately likely only accelerating the booming cybercrime industry. For better or for worse, this unprecedented move towards remote work has started serving as a wake-up call that even SMBs have to begin spending more time on cybersecurity initiatives. These organizations must look internally on where they can do better and demand the assistance and response from the services they are using to ensure a safe future of work for everyone.