A remote work environment can raise the risk of a data breach or other cyber attack for several reasons, according to multiple security experts. Remote work, particularly remote work at scale, significantly increases the potential attack surface that must be protected.

In this interview with Mary K. Pratt from TechTarget, Glenn Nick of Guidehouse provides insights into how remote work impacts cybersecurity.

What are some of the most common remote working cybersecurity risks? 

• Unsecured and vulnerable hardware - The sudden shift to remote work at the start of the pandemic meant many workers used their personal devices to do their jobs, regardless of whether they had the skill to ensure their home routers, laptops and smartphones were properly updated and adequately secured, said Glenn Nick, associate director for cybersecurity incident response at advisory services provider Guidehouse.
• Unsecured and vulnerable networks - Remote work also increases the chance that employees will use unsecured networks, such as public Wi-Fi. Even home networks are often vulnerable to attacks. "People are placed at home working in an environment that they don't have the technical expertise to secure," Nick explained. "They may be told to update their routers or use VPNs but may not have the technical expertise to do so. And, at the same time, you have nation-states attacking home routers and home network devices." So significant is the threat that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) highlighted the risk in a June 2022 alert.