COVID-19 and the ‘New Normal’ for Enterprise Cybersecurity
Cybercriminals have wasted no time in targeting enterprise-level rapid-response remote working solutions.
The COVID-19 pandemic has created a perfect storm of security risks for enterprises.
The volume of possible attack surfaces has multiplied as a larger remote workforce means more possible entry points for cybercriminals. The opportunity to target that workforce has increased exponentially, too. The stress of the situation and disruption to schedules and routines means people are more vulnerable to manipulation and more prone to poor decision making.
These vulnerabilities are compounded further because many remote working solutions more closely resemble contingency plans than they do strategic initiatives. Out of necessity, many workers are utilizing technology that has been rapidly rolled out or scaled from solutions designed for in-house use, all in the interest of preserving organizational productivity. There has been little time for the usual levels of security due diligence and user education that would normally accompany such transformations.
Keeping this all in mind, what are the processes and mindsets enterprises should adopt to stay secure during this exceptionally challenging time?
Familiar foes, in unfamiliar guises
Our conversations with customers and our own experience reveal that enterprises are seeing an increase in threats against virtual and physical infrastructure.
Many of these threats take the form of the usual suspects – phishing, ransomware, social engineering – scaled to the size of the perceived opportunity and updated with pandemic themes.
It’s easier to hack humans than it is computer systems.
Reports are common of phishing attacks preying on people’s anxieties by impersonating reputable authorities and purporting to offer the latest safety information about the pandemic. Similarly, cybercriminals appear to be seeking to take further advantage of the situation by impersonating remote working and collaboration platforms. They sense, perhaps, that rookie users will not easily be able to tell genuine communications apart from shady ones.
The opportunistic distribution of malware via newly registered domains centered on coronavirus or COVID-19 has also been reported. Yet more sophisticated scams have centered on creating fake COVID-19 tracking apps that compromise devices.
No such thing as over communication
Existing security problems are likely to magnify and intensify under extreme conditions such as those faced by enterprises today. But, in many ways, if the challenges are familiar – even if the scale is not – then security professionals do have a basis from which to manage their responses.
The first line of defense remains the workforce, and organizations must empower employees to play their part. There’s no such thing as over communication when it comes to educating workers about the risks and providing guidance on what to watch for.
The increased need for communications applies beyond technology leaders and into company-wide leadership. As workers double down on maintaining operations during the crisis, leaders can give back by becoming a trusted source of vital information about the pandemic. This can reduce the team’s vulnerability to misinformation.
When securing endpoints and infrastructure, IT leaders should adopt the mentality that the enterprise now extends into the home. They should also bring a preparedness mindset into their planning and look to answer questions they haven’t yet had to face – but may face soon in what is a quickly changing situation.
Of course, organizations that must rely mainly on the skills and diligence of individual users are at a clear disadvantage in keeping these endpoints protected. In these cases, it’s more important than ever to ensure that device-level anti-virus solutions are up to date, and that the latest patches are applied across all end-user systems. At this scale, automation is an enterprise’s best bet for achieving consistent coverage in this regard.
The industry may yet see a move toward widespread 'zero trust' initiatives. Prior to the pandemic, it was generally accepted that zero trust had two primary use cases: secure remote access for a relatively well-defined mobile workforce and micro-segmentation of data center traffic. It remains to be seen whether this approach can be scaled up to current requirements without jamming the flow of information and collaboration across such a massively distributed workforce.
Prime time for security professionals
451 Research analysis has shown that security is emerging as a high-priority area for increased spending as a result of the pandemic. This is a logical step given the variety and scale of the risks.
IT security professionals may never find a more favorable environment in which to make themselves heard than the current one. Indeed, organizations are looking to security professionals to step up and ensure that compromises in the name of productivity don’t come with compromises to security. This is the time to be proactive in sharing their view of risk and recommended remedies, for now and for whatever the future might hold.