Close

Cyber security and gig economy: how to ensure the security of your IT assets

The gig economy has brought great opportunities but has also increased cybersecurity risks for companies
Reading time: 4 minutes

Content index

What is the Gig Economy?

Today’s world is highly connected and the Gig Economy phenomenon is constantly growing. For this reason, Cyber ​​Security is a priority for organizations and companies in every sector.

What is the Gig Economy? The Gig Economy is an economic model based on on-call, occasional and temporary work. Workers are not bound by long-term contracts anymore. In other words, it is a new form of organization of the digital economy dominated by freelancers and part-time workers that does not provide for stable and continuous work performance and fixed full-time contracts.

According to Salesforce, a US cloud computing company based in San Francisco operating in 36 countries, the Gig Economy allows companies to acquire a specific talent for a specific period of time in order to achieve a clear and precise goal. This is possible thanks to human cloud platforms, digital tools and platforms that host professionals who can respond to market demands.

The so-called gig workers work with flexible hours and operate in very different sectors: from transport and logistics to art and design, from media and communication to information technology.

However, the Gig Economy includes two types of jobs:

  • Web-based jobs. Gig workers work remotely via the web and can be connected from any corner of the world;
  • Location-based jobs: these are on-demand services via app. Digital platforms act as mediators, bringing together supply and demand for work performance.

The main difference between the two types is the place of work. In the first case it is a virtual place. In the second one it is a real place and has a more local dimension.

Gig Economy and the importance of Cyber Security

Companies and organizations that choose Gig workers must adopt strict security protocols to mitigate the possible risks associated with accessing corporate systems from personal devices. In fact, it is not possible to have the same control over them as over corporate devices. The same is true for home internet connections which could be easily compromised.

The Italian 2021 Clusit Report shows how much IT security is an essential factor for the management and success of a business. The Report offers an overview of the most significant cyber-crime events that occurred globally in 2020.

The year of the pandemic recorder the negative record of cyber attacks. Globally, 1,871 serious attacks in the public domain occurred. These are attacks that had a systemic impact on every aspect of society, politics, economics and geopolitics. In percentage, 2020 showed an increase of 12% in cyber attacks around the world, compared to the previous year. Furthermore, in the last 4 years the growth trend has remained almost constant, with an increase in serious attacks of 66% compared to 2017.

These are the sectors most affected by serious cyber attacks, in descending order: the “Multiple Targets” (20% of the total attacks), which includes attacks on multiple and often undifferentiated targets, the Government, military, law enforcement and intelligence sectors (14%), healthcare (12%), research and education (11%) and online services (10%). In addition, attacks on Banking & Finance (8%), on hardware and software producers (5%) and on critical infrastructures (4%) have grown.

Finally, the Clusit experts found an increase in attacks through the abuse of the supply chain, that is, through third parties. With these attacks, cyber criminals target the contacts of a company (customers, suppliers, partners), significantly increasing the number of victims while easily going unnoticed.

In 2020, cyber attacks were mainly carried out using Malware (42%). Among them, ransomware were nearly a third of all attacks (29%). Their diffusion is growing significantly both in absolute terms and in terms of target size and damage. Malware are followed by “unknown techniques” (especially Data Breach, for 20%), Phishing & Social Engineering (15%) and attacks through known vulnerabilities (+10%).

The Risks of the Gig Economy: how to protect sensitive data

Two-factor authentication is one of the most effective security measures to protect accounts from unauthorized access, password manager and online purchase transactions. However, when a company turns to a gig worker it may not be enough.

Consider this example of the dangers behind the Gig Economy. A company decides to collaborate with a freelance programmer. What if the programmer shares the access codes with a collaborator? the latter could break through the defenses using a backdoor, or could steal the code and resell it to a company’s competitors.

Therefore, it is essential to adopt Cyber Risk prevention and management measures to strengthen Cyber Security and mitigate the negative impacts of possible cyber attacks.

Here are three tips for managing data risk:

  • Perform an in-depth Risk Assessment to identify and analyze risks, define strategic actions to avoid or mitigate them, and identify priorities;
  • Adopt a zero-trust approach, verify that the control systems are adequate and if necessary implement new ones;

Know and monitor the activities of freelancers within company systems containing sensitive data and foresee penalties in case of breach of the contract.

Cyber Defense by Namirial: the solutions to strengthen your corporate security

Cyber Assessment by Namirial is the innovative platform that performs an evaluation of cyber threats from an external point of view and without installing any software.

The results of the analysis show the effectiveness of security controls, identify cyber threats and gaps in the technologies. In this way, companies are able to identify the priority sectors in which to invest to protect the information system and prevent the loss of resources due to cyber attacks.

Furthermore, Cyber Assessment allows companies to comply with Article 32 d) and the entire General Data Protection Regulation (GDPR).

The platform provides two types of analysis:

  • Vulnerability Assessment (VA). The Vulnerability Assessment (VA) analyzes IT systems to detect known vulnerabilities on the exposed network perimeter. The service allows you to quickly reduce the risk of cyber attacks before hackers exploit these vulnerabilities. At the end of the test, the platform generates a report. It contains the list of all identified vulnerabilities, the risk class and the remediation to correct them;
  • Cyber ​​Threat Assessment (CTA). The Cyber ​​Threat Assessment service (which includes the Vulnerability Assessment) detects cyber threats, incidents occurring within the organization and vulnerabilities of systems and services exposed on the public network. This type of analysis uses external cyber intelligence techniques and does not require the installation of any software.

The final reports allow the company to identify and / or prevent data breaches and implement actions to mitigate the IT risk, thus safeguarding the business.

Specifically, the IT Threat Assessment service allows you to:

  • Discover and resolve cyber threats related to malware infections;
  • Verify leaked credentials (data breach);
  • Recognize data breaches through Deep web analysis;
  • Identify dangerous and / or copyright infringing data transfers on peer-to-peer networks;
  • Identify and prioritize remediation of vulnerabilities.

TAG