While the Covid-19 pandemic threatens to overload the global economy and cripple healthcare systems around the world, it’s also having a deadly impact on the security of homes and businesses.
By Vishal Barapatre, chief technology officer at In2IT Technologies SA
Measures taken to protect their workers and serve customers during the lockdown have exposed organisations to increased cyberthreats. The biggest challenge for cybersecurity teams will be providing protection for their organisation’s digital assets while enabling operations to continue without interruption, under extremely challenging circumstances.
Offices on lockdown
With the national lockdown, enterprises have had to go to extraordinary lengths to make provision for remote capabilities for their people to service customers as usual in these unusual times.
As a result, large-scale adoption of work-from-home (WFH) technologies has increased the use of online services, resulting in more activity beyond the corporate network perimeter.
This presents fresh vulnerabilities for cyber attackers to exploit.
Exploiting the pandemic
As the coronavirus continues to make waves across search engines and news sites, cybercriminals are using its name as a keyword to bait and launch malicious campaigns in the digital space.
For example, a document relating to the spread of the Covid-19 virus is proliferating in a variety of formats, spreading malware that encrypts files and siphons sensitive data from browsers.
Highlighting potential vulnerabilities
In a tough balancing act, cybersecurity teams must adjust their security programs to accommodate operations that need to scale while securing the shift to WFH tools. At the same time, chief security officers must make it possible for their teams to look after themselves and their families during a health crisis.
Secure the home office
Working from home has opened multiple cyberattack vectors, which means that WFH systems will need to be vigorously secured and tested. Personal assets should not be allowed to come into the corporate environment, so business-only devices will need to be issued to all employees.
To avoid General Data Protection Regulation (GDPR) and Protection of Personal Information (PoPI) Act compliance concerns, enterprises will do well to utilise auto VPN and multi-factor authentication measures to provide secure access to digital business assets, while testing and scaling incident-response tools and remote support. It’s also important, at this stage, to revisit access management policies to make provision for work-from-home practices.
Businesses will also need to issue a refresher on secure remote working processes and on protocols for security threat identification and escalation. Employees now play a more important role in keeping the organisation safe, given that regular on-premise security measures are no longer relevant for those who are still working from home.
Test, monitor, prioritise and remain calm
Now is the time to implement any technology risk or security plans that the organisation might have, or to work with a cybersecurity provider that can assist with the rapid planning and provision for incident response, business continuity, disaster recovery and the like.
Eliminating risk events will be near impossible, but it is possible to reduce the risk of making a bad situation worse by ensuring that incident response is timely.
Monitoring is exceptionally important at this time, and will need to be ramped up where remote collaboration tools are concerned. Employees, devices and the network will need to be constantly monitored for new strains of malware to catch security-related incidents before they materialise as operational risk.
The next step is to balance, prioritise and remain calm and objective. At this point, IT cybersecurity teams will be inundated with urgent requests for cybersecurity exceptions that will make it easier for other teams to get their work done.
These requests needn’t be outright declined, but they should be balanced with the need for business continuity in challenging times.
Above all else, this pandemic is a human health crisis. But by adhering to practical cybersecurity principles and focusing our efforts through monitoring, testing and incident response, in a manner that balances the need for productivity and business continuity, it should be possible to avoid a cybersecurity catastrophe.