ments,” noted Adam Kujawa, Malwarebytes labs director, adding that “it also brought to light the need for an entirely different and more robust approach.” So how can you fight fear fatigue when you cannot sit with each remote employee and assist their decisionmaking process? Generally speaking, there are two schools of thought. Promoting Improved Awareness One involves bolstering employee education and general knowledge. According to Malwarebytes, 69 percent of organizations believe that workers need improved IT resources to make them generally more aware of cyber-risk. By combining cybersecurity training programs and innovative tools, the employer can help the remote worker to identify and prevent a dangerous situation, while also feeling more comfortable in turning to the organization should the need arise. While education can probably never hurt, this plan admittedly fails to fight fear fatigue at its source. It does nothing to tackle the general nonchalance and malaise that it can cause. Education presents the equivalent of taking an arachnophobe to a spider museum. Still, most experts believe that the best way to cut down on poor decisions is to eliminate misinformation in any way possible. Take the Choice Out of Their Hands Another way to fight the risks inherent with fear fatigue is to automate as many cybersecurity practices as possible. Some ways to accomplish this goal include: Increasing Reliance on CloudBased Collaboration – These tools generally feature automated security and encryption to protect information, regardless of the individual poor choices made by the worker. Automated Online Backup – By employing, for example, geo-redundancy, data is stored across multiple, remote locations to promote continuous access with minimal downtime, even if the event an individual file is compromised. Mandated Password Management – Require frequent password changes and prevent credential-sharing across multiple systems in order to isolate any account should it be compromised. Identity Management Systems/ Passwordless Options – Reduce the opportunity for penetration by eliminating the chance of credential misuse. Anti-Malware Detection – Critical to diagnosing malware before it can do too much damage. Mandatory VPNs – This is one proven way to secure the at-home network – and subsequently any networks to which the remote worker’s system connects – against penetration. As organizations continue to adapt to changes in the landscape, tweaks to their own strategies will also be needed. After all, malicious online activity is unlikely to disappear. By focusing on a two-tiered approach of limiting remote worker choice and increasing their understanding, today’s companies can help to limit not only poor employee choices but also the chance that those decisions could have devastating consequences. And, given how much the work world has changed in the last two years, fear fatigue is as unlikely to disappear as the actual cyber-attacker. J After being home for 18 months, what has changed about your company’s security posture? (Check all that apply) We have implemented new tools to enhance security 74% My organization has implemented new trainings to enhance security 71% We have required additional securities measures (MFA, etc.) 52% My organization has updated our crisis management protocols 49% We have continued the same way as at the beginning of the pandemic 13% Source: Malwarebytes 27 THE CHANNEL MANAGER’S PLAYBOOK