Introduction
Now that we are in the thick of COVID19, with states starting to reopen their economic activity in one fashion or another, Cybersecurity remains a hot topic. There is no doubt that we have all been bombarded with WFH security tips, advice on how to avoid Zoombombing, how not to fall for a Phishing scam, and so on. So much has been thrown out there that it is difficult to know even where to start. That is the purpose of this article: to give you, the CIO or CISO of your business, some quick and easy tips that you can use as you open your doors once again and transition your employees back into the office.
The Tips
Here are some of the main ones to consider:
Review all plans that relate to mitigating Cyberthreats:
At the present moment in time, many businesses are realizing that they wish they had some sort of response plan in place. Most specifically, this relates to the Incident Response, Disaster Recovery, and Business Continuity Plans. The main point here is that a lot of organizations simply could not mobilize their workforce to work remotely, for the simple reason that they had no procedures in place for this. But keep in mind, it is never too late to put these kinds of plans in place. It is now more imperative than ever that you have them, but most importantly, that you keep them updated as you practice them. These rehearsals should typically happen at a minimum on a semiannual basis, preferably even quarterly. Equally important is that you maintain a distinct line of communications in your company that can be activated at a moment's notice, 24 x 7 x 365, for the sole purpose of relaying emergency announcements to your employees and key stakeholders.
Make sure that you stay on top of the Cyber Threat Landscape:
There are many ways that this can be done. Probably one of the best tools that you can use in this instance is Artificial Intelligence, or AI for short. There are many AI vendors out there now who are offering SaaS based packages that you can deploy in just a matter of a few minutes. Typically, these can be used to help filter out the false positives that come through, thus presenting your IT Security staff with only those alerts and warnings that are legitimate. AI tools can also be used to help model what future threats your organization may face, so that you are better prepared to handle them if they ever come your way. Best of all, since a majority of these solutions are now Cloud based, they are very affordable, with fixed monthly pricing.
Another way to keep up with the latest threats is to go online and read the major headlines. True, there are many sites that offer this information; you can simply select perhaps two or three of them and subscribe to their respective RSS feeds in order to get those headlines that are relevant to your company and industry. A particularly good source to use is Google, as their repository is always updated with the latest Cyberthreats and their variants.
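As an added example (not code from the original article), the following Python script shows the RSS-subscription approach above in practice: it parses an RSS 2.0 feed and keeps only the headlines that mention keywords relevant to your company, such as the products and services your staff depend on. The feed XML, the keyword list and the `example.invalid` links are all constructed for the demonstration; a real deployment would fetch the vendor's feed URL and pass the response body to `filter_headlines()`.

```python
"""Filter security-news RSS headlines by keywords relevant to your organization.

Added example, not part of the original article. The feed below is a
constructed sample; in practice you would fetch the real feed URL (for
instance with urllib.request) and pass the bytes to filter_headlines().
"""
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# Constructed sample feed (not a real vendor feed; links are placeholders).
SAMPLE_FEED = b"""<?xml version="1.0"?>
<rss version="2.0">
  <channel>
    <title>Example Security Headlines</title>
    <item>
      <title>New phishing campaign targets VPN credentials of remote workers</title>
      <link>https://example.invalid/phishing-vpn</link>
      <pubDate>Mon, 18 May 2020 09:00:00 GMT</pubDate>
    </item>
    <item>
      <title>Vendor releases quarterly earnings report</title>
      <link>https://example.invalid/earnings</link>
      <pubDate>Mon, 18 May 2020 10:00:00 GMT</pubDate>
    </item>
    <item>
      <title>Critical patch issued for popular video conferencing client</title>
      <link>https://example.invalid/conf-patch</link>
      <pubDate>Tue, 19 May 2020 08:30:00 GMT</pubDate>
    </item>
  </channel>
</rss>
"""


@dataclass(frozen=True)
class Headline:
    title: str
    link: str
    published: str
    matched: tuple  # the keywords that caused this headline to be kept


def parse_feed(xml_bytes: bytes) -> list:
    """Return (title, link, pubDate) triples for every <item> in an RSS 2.0 feed."""
    root = ET.fromstring(xml_bytes)
    items = []
    for item in root.iter("item"):
        title = (item.findtext("title") or "").strip()
        link = (item.findtext("link") or "").strip()
        pub = (item.findtext("pubDate") or "").strip()
        items.append((title, link, pub))
    return items


def filter_headlines(xml_bytes: bytes, keywords) -> list:
    """Keep only headlines whose title mentions at least one keyword (case-insensitive)."""
    wanted = [k.lower() for k in keywords]
    results = []
    for title, link, pub in parse_feed(xml_bytes):
        lowered = title.lower()
        hits = tuple(k for k in wanted if k in lowered)
        if hits:
            results.append(Headline(title, link, pub, hits))
    return results


if __name__ == "__main__":
    # Keywords a company relying on VPN and video conferencing would watch for.
    watch = ["phishing", "vpn", "patch", "video conferencing"]
    for h in filter_headlines(SAMPLE_FEED, watch):
        print(f"{h.published}  {h.title}  ({', '.join(h.matched)})")
```

Because a feed is untrusted input from a third party, parse it with the `defusedxml` package rather than the standard-library parser when running this against live feeds; the standard parser is used here only so the example runs without extra dependencies.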
Enable Multifactor Authentication & Virtual Private Networks:
Let us face it, WFH may now be the new norm for many businesses in Corporate America. As the states relax their Shelter in Place orders, many public places such as restaurants and cafes will soon start to open. If your employees are still WFH for an extended period, they will probably want to break away from the home atmosphere and work at one of these places. The temptation there will be to use the public Wi-Fi, but this is probably the worst security mistake that they can make. Rather, your employees should be making use of Virtual Private Networks (VPNs) in order to log in. Put in simpler terms, your remote employee can log into your corporate network over a line of communications that is almost invisible to the outside world. VPN solutions are now very affordable, and in fact downright cheap to get. Many of them are available through various ISPs and Cloud providers, and most plans typically run about $10.00 - $20.00 per month.
Equally important is the use of Multifactor Authentication (MFA). This is where your remote employee is required to use at least three layers of authentication in order to legitimately prove who they are before they can gain access to shared resources. For example, a combination of a password, an RSA Token, and a Biometric modality (such as Fingerprint Recognition or Iris Recognition) can all be used in tandem with one another.
Keep educating your employees:
As your employees come back to work, it is more important than ever to further educate them about Cybersecurity related issues, especially those that have evolved from COVID19. Some things that really need to be addressed here are how to recognize a Phishing Email and how to use video conferencing tools in a secure manner. Because of the pandemic, many Phishing Emails have become extremely sophisticated and are now very hard to detect, even to the trained eye. In this regard, it would be wise to hire the services of a Cybersecurity Consultant and have him or her give a presentation on what the latest scams look like. Then, once this training is over, you can launch simulated Phishing attacks against your employees in order to see who still falls victim. Always remind them that if they are in doubt about an Email they have received, they should contact the sender in order to confirm its legitimacy.
At this point, it is important to keep your employees motivated so that their guard will always be up, even during these times of high anxiety. In order to do this, you could use the concepts of Gamification, or even reward your employees with a simple gift card if they have observed good levels of "Cyber Hygiene". Remember, a small pat on the back can go an exceptionally long way in boosting employee morale.
Protect your business from both the outside and the inside:
The common misconception these days is that Cyber related threats always come in from the external environment. While this may be true to a certain degree, the threat of Insider Attacks is just as real, and can be just as much, if not more, deadly to your business. For example, you may have a disgruntled employee, or even a rogue third party contractor. The signs are very often difficult to track until it is too late. Therefore, as your employees start to come back gradually, it is important that you implement some sort of real time hotline so that your employees can anonymously report any erratic or malicious type of behavior.
Get back into a regular schedule of software updates:
During this period of WFH, many IT Security teams have not been able to deploy updates and patches on a regular basis, either because they simply could not gain entry into the home networks of the employees, or because they were spread too thin. The Cyberattacker is fully aware of this and is ready to pounce upon it as businesses start to open their doors to the public. Therefore, before you even do this, you need to meet with your IT Security team to work out how best you can get back into a regular schedule of deploying software patches and updates, and get them done before you actually open your doors.
Conduct an in-depth Penetration Testing exercise:
At this point in time, many Cybersecurity vendors are offering exceptionally low and perhaps even free pricing on these kinds of services, in order to help businesses out as they make the transition. With Penetration Testing, the vendor will literally break down your walls of defense to see where the unknown gaps and vulnerabilities lie. From there, recommendations will be provided as to how they can be closed. It is important that you do this as quickly as possible, so that your business does not become the victim of a large scale Cyberattack as your employees return to working in the office.
Conclusions
Overall, this article has examined some of the key steps that you can take to get your business ramped up in terms of its security posture in a post COVID19 world. The list provided is by no means an exhaustive one; a lot of this will depend upon what you, the CISO or CIO, and your IT Security team decide is most important, at least initially.