We have often observed that cybersecurity
professionals are a lot like first responders. That is, they train, practice
and endlessly condition themselves for the big red alarm to ring so they can
save the world from cybermiscreants. Some people are comfortable in that role
and others aren't, which is often the determining factor in whether someone is
a successful cybersecurity leader.

The pandemic has brought cybersecurity front and center for state and local
governments and corporate sectors, but under different names and categories.
Whether the hot topic is working from home, or unemployment benefits
enrollments, or streamlining business processes using digital signatures,
cyberleaders must seize this opportunity.

Working from home certainly belongs in that list of hot topics, since COVID-19 has
resulted in government and corporate organizations transitioning a
majority of their office-based employees to some form of remote work. This
initially looked like a temporary measure, but it's becoming increasingly clear
that many of those remote workers may never be returning to their government
cubicles. Security leaders need to shift their response from viewing remote
work vulnerabilities as a temporary problem and begin identifying more
permanent solutions.

Employees working from home are playing games and trolling Facebook and Instagram on the
same computers they are using to access sensitive data. How is your agency's
security awareness training?

That's the kind of question organizations’ chief information security officers can expect to
hear more often than not from the policymakers who are their bosses. CISOs have
struggled for years to be taken seriously as business leaders and deserving of
membership on the executive leadership team. The COVID-19 pandemic is their
moment to prove they belong, but responsibility is the price they must pay for
a seat at the table. "Security is
not a problem you solve, it's a long-term business risk you manage," says
security expert and entrepreneur Matt Devost. "It is important that your
security program doesn't focus just on short-term goals, but that you also play
the long game. As the CISO, you need to have a compass, not a map."

With business continuity and operational resilience at stake, awareness of key
cybersecurity considerations is crucial, as many organizations look at a
long-term shift towards work from home. There are a few points to
keep in mind while framing business continuity principles.
Digital Empathy – Security has proven
to be the foundation for digital empowerment in
a remote workforce. Cloud-based endpoint protection technology
enables employees to work when, where, and how they need to work and
can allow them to use the devices and apps they find most useful to
get their work done. After all, security technology is fundamentally
about improving productivity and collaboration through
inclusive end-user experiences.
Zero Trust – Over the past two years, Zero Trust has emerged as a key security philosophy
for businesses. COVID-19 has allowed for a real-life demonstration of why it’s
important. Companies relying on traditional ideas of securing workers
through “walls and moats” at the perimeter (aka firewalls) were both
more susceptible to COVID-19 themed threats and were less able
to meet the demands of a newly remote workforce.
Zero Trust shifted from an option to a business imperative in the first 10 days of
the pandemic. The Zero Trust architecture will eventually become the industry
standard, which means everyone is on a Zero Trust journey whether they
know it or not.
Diverse data for better threat intelligence – A blend of automated tools and
human-based insights is needed to identify new
COVID-19 themed threats. With adversaries adding new pandemic-themed
lures to their phishing attacks, organizations need to bolster
their security foundation with strong threat intelligence, which is derived
from analyzing a diverse set of products, services and feeds from around the
globe.
Building Cyber Resilience – It is human nature to plan for the
last crisis. Global events like COVID-19 highlight the need
to have a response plan that expects the unexpected. A
strategic combination of planning, response, and recovery helps establish a
comprehensive Cyber Resilience strategy to enable secure remote work
options, whether in the short or longer term.
Integrated security – People often thought about security
as a solution to deploy on top of an existing
infrastructure, but events like COVID-19 showcase the need for truly integrated
security for companies of all sizes. As a
result, integrated security solutions are now seen
as imperative.

As organizations adapt to the new reality and its cybersecurity implications,
there is an equally critical, if not higher, need to educate employees so they
don’t become the weakest link in the security chain. This can be accomplished
through:
Educating employees on the importance of Multi-Factor Authentication
(MFA) solutions and setting up MFA for digital tools, which is an important way that
organizations can reduce the risk of identity compromise.
Communicating employee guidelines clearly, including sharing information
on how to identify phishing attempts, how to distinguish between official
communications and suspicious messages that violate company policy, and the
procedure for reporting suspicious email.
Selecting a trusted application that ensures end-to-end encryption for
remote audio/video calling. With the barrage of news and
ongoing discussions, many users are in crisis mode, making them more vulnerable
than ever to deception.
Cyber-Security lessons learned from the pandemic
1. Don’t take the bait
Phishing remains a popular—and effective—technique for attackers. It is an attempt to
steal credentials and obtain sensitive information, often by an e-mail message
containing a link to a seemingly legitimate website. Phishing is the top threat
action used in cyber-security breaches, according to Verizon’s 2020 Data Breach
Investigations Report. To combat phishing, employees should know how official
communications will be sent, treat unknown e-mails and links as suspicious, and
have an easy way to alert their IT security team.
2. Improve cyber-security training
Most cyber-security training revolves around workplace use, with passing mention of
security best practices while on business travel. Remote work opens the door to
risks posed by unknown Wi-Fi networks, shared workspaces, wireless printers,
and similar technologies not vetted by IT security. Cyber-security training
should include best practices for remote work, covering: working environment,
router security, use of a virtual private network (VPN), oversharing screens
during online meetings, personal use of company computers, and IT support.
3. Secure collaboration tools
Collaboration tools, such as online meeting services, are now the norm for remote teams to
communicate. Recent headlines have shown they can have security gaps if not
configured properly. Meeting organizers should use built-in security features,
such as waiting rooms, password protection, and other settings to control
participants’ capabilities (e.g., printing, participant lists, document
sharing, recording). Participants should not share meeting links publicly or
with people who don’t have a need to know. Virtual meeting software should be
regularly updated to the current version, or have auto-update enabled. Finally,
employees should only accept meeting invites from expected and trusted sources.
4. Embrace distance learning and telemedicine
Education and healthcare changed dramatically when millions of students across the
country found themselves suddenly unable to go to school and millions of
patients could not see their doctors or receive the healthcare they needed.
Both schools and hospitals have been prime targets for ransomware—where
cyber-attackers encrypt or lock down a victim’s files/networks and demand a
ransom to restore access—a threat only enhanced by COVID-19. To combat this,
schools and hospitals should update their cyber-security risk assessment to
encompass distance learning and telemedicine tools, as well as provide enhanced
cyber-security training for educators and healthcare professionals.
5. Adopt the NIST cyber-security framework
Improve cyber maturity by adopting the National Institute of Standards and Technology
(NIST) Cybersecurity Framework as a guide for building a strong cyber-security
foundation. It provides exhaustive guidance around five steps, or
functions—Identify, Protect, Detect, Respond & Recover—that could help
transform an organization’s cyber-security risk management posture from
reactive to proactive.

Beyond a response to COVID-19, adopting the NIST Cybersecurity Framework will
demonstrate to customers and regulators that an organization takes
cyber-security seriously.

COVID-19 is a wake-up call to the world that economies must adapt quickly to survive and
prosper. It brought into sharp relief our dependence on technology and its
vulnerabilities. Continued vigilance is the ultimate lesson.