The novel coronavirus has forever changed how and where we work. As many organizations adopt new solutions and collaboration tools (e.g., Microsoft Teams, Slack or Zoom) to accommodate employees and customers during this critical period, such fast-paced digital transformation has also exposed several shortcomings associated with our remote workforce’s home networks and routers. And thanks to our newly expanded user landscape, threat actors can access company networks undetected - a major concern considering the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center has seen a 400% spike in coronavirus-related cyberattacks within the last four months.
Given these heightened risks, it is imperative that organizations thoroughly examine their router or home network configurations and consider the following proactive measures to safeguard their infrastructure.
Implementing secure VPN and firewall management initiatives
Even with encryption in place, threat actors can still exploit VPNs and access an organization’s network. Prior to COVID-19, large organizations had minimal VPN traffic because employees were onsite. Now global VPN demand has skyrocketed - increasing by 41% during the second half of March - and has remained 22% higher than pre-COVID levels. As a result, organizations are struggling to pinpoint adversarial activity.
Given the risks, organizations must carefully consider which VPN is best suited to accommodate their remote workforce and ensure bandwidth and connectivity are evenly distributed. Limiting VPN profiles to company devices also helps protect organizations as it decreases the likelihood of unauthorized access.
Furthermore, some large enterprises may have thousands of employees (or more) working outside of the company firewall. With an increased risk of cyberattacks or data exposure, organizations must implement best practices to ensure their firewalls are up to par. This includes consistently updating rule sets, scheduling timely firewall audits to counter potential lapses and leveraging centralized management software to automatically maintain all firewalls.
Meeting audit and compliance requirements during rapid digital transformation
Embracing digital transformation is no simple feat, as organizations must audit which software complements their infrastructure. “Digital transformation” greatly expands the technology stack and can include a wide swathe of software for artificial intelligence, automation, cloud technologies and the Industrial Internet of Things (IIoT). It’s important for CISOs to determine which solution is best for the organization and to consult with their respective teams on whether and how those selections can be implemented securely and in compliance.
The remote workforce adds to the stress of an organization attempting to meet compliance requirements. Once the pandemic began, organizations instructed their employees to work from home, prompting IT teams to scramble to complete their on-site activities and ensure their organization was fully equipped to handle this new routine. The speed at which this occurred resulted in many organizations failing to adhere to compliance requirements, putting them at risk of attack and regulatory fines.
To avoid non-compliance, organizations must have visibility of their entire infrastructure, which includes computer assets, networks, security controls and vulnerabilities. Having full visibility enables IT teams to assess threats and risks to their infrastructure. The key to maintaining compliance is to actively and continually assess risk posture within the organization.
Securing cloud environments and managing cloud-native security controls
Cloud-based services are a major component of digital transformation. While these services are valued for the security the cloud service provider offers, their management by customer organizations can lead to security and compliance risk, just as with any other technology. Security management problems can worsen in times of transition and upscaling, which many organizations have undergone since the global pandemic began.
There are certain cyber hygiene practices that can limit the risk to cloud services so critical to business continuity during these times. Utilizing encryption to protect data transfers at all touchpoints is one. Continuously monitoring for new vulnerabilities, threats and changes in exposure is another.
Employees themselves can also increase risk to cloud services, as they can with any technology. 52% of employees assume they can engage in questionable activities while working remotely, creating an opening for potential threats. Educating employees, as well as the DevSecOps teams responsible for cloud service deployment, about their role in maintaining security and compliance is key. Efficient management of employee access, in which IT administrators assign certain business systems and data access privileges according to employee role and approved access, is among the most critical elements of securing cloud environments and ensuring cloud security controls are behaving in compliance with policy.
Outlining cyber risk management strategies to counteract COVID-19 and other cyberthreats
While there is no pandemic playbook for cybersecurity professionals, there are best practices that CISOs can utilize to manage through the uncharted waters ahead.
The first phase begins with leadership, as CISOs, IT directors and other experts determine which assets are most critical to the business and how vulnerable they are to cyberattacks, malware and other threats. This allows them to address the biggest risks to their business right away, while monitoring remaining risks for signs that escalation is required. The next course of action is creating best practices and protocols in case the organization’s IT infrastructure is overwhelmed. This entails limiting access to the most crucial function when necessary or implementing a timeframe for when employees can access the system. The final phase is IT teams taking inventory of all applicable equipment and efficiently helping employees who experience issues with either hardware or software, to keep business running smoothly.
By putting these measures into effect, organizations can effectively reduce threats against their employees and their company’s proprietary data, as well as maintain business continuity through trying times. These solutions help organizations address threats in the immediate and long term, ensuring that their overall infrastructure remains secure and stable.