Since the outbreak of the novel Coronavirus disease, organizations across the globe encountered dramatic changes in their business operations. The swift adaption of the work from home strategy has increased the risks more than ever. In addition, the ongoing crisis has significantly impacted the role of CISOs and other security leaders globally, making them digitally empathetic to deal with new cybersecurity challenges.
By Rudra Srinivas, Feature Writer, CISO MAG
The new cybersecurity priorities post COVID-19 that will become the new normal for most CISOs, will include:
1. Securing Remote Employees
With organizations working remotely, the security of employees’ devices became a major concern for security leaders across the globe. There was a rise in the need to secure endpoints, as multiple access points from multiple locations are connected to a corporate network. However, the lack of security in remote work environments exposes vulnerable devices to potential cyberattacks. New security policies have been created and certain permissions are relaxed due to the swift change in the remote work culture. Several industry experts stated that the surge in remote work increased the risks of cyberthreats like never before. The ongoing crisis forced CISOs to work uphill in order to meet the risk assessments.
2. Quick Actions Required
The ongoing crisis has forced organizations to go digital, overlooking potential cyber risks. These sudden developments could lead to cyberthreats like DDoS, defacements, and data breaches. At this point in time, it is essential for CISOs to patch the holes in their network security as quickly as possible. This indicates that product research, purchasing tools, testing, developing, and deployment should ramp up quickly. CISOs across the globe are now looking for security tools that are configured instantly and easily to prevent new cyber risks.
3. Tackling New Attack Vectors
The threat actors have reinvented their attack approaches during the ongoing pandemic. COVID-19-related phishing scams, disinformation campaigns, weaponized websites, and malware infections have become widespread across the internet. Recently, a security firm discovered that threat actors distributed malware disguised as “Coronavirus Map” to steal personal information that is stored in the user’s browser. Attackers designed multiple websites related to Coronavirus information to prompt users to click/download an application to keep themselves updated about the situation.
In addition, the number of ransomware attacks on remote workers has also increased in recent times. Ransomware operators are forcing companies to pay a high ransom in order to get decryption keys. According to a recent survey, the average enterprise ransom payments increased 33% ($111,605) in Q1 of 2020 from Q4 of 2019.
4. Security Concerns with Third-Party Applications
Endpoint security at home is not as secure as it is in the office. Large swaths of remote workers are depending on third-party video conferencing apps, cloud-based productivity tools, and other virtual private networks during the lockdown. These are, in turn, exposing remote workstations to potential vulnerabilities that already exist within these applications. Malicious actors are misusing the crisis to exploit the loopholes in third-party products and services. Several privacy and security concerns associated with these apps resulted in severe criticism and cyberthreats globally.
For instance, the Zoom videoconferencing app was flagged unsafe due to its vulnerability to cyberthreats. Over 500,000 account credentials of Zoom users are being sold on the darknet. According to a research, hackers have shared a database containing more than 2,300 usernames and passwords of Zoom accounts on dark web forums. The FBI slammed Zoom for not maintaining proper privacy and security measures for its users. The authorities also warned that the video meeting app is prone to hacking, as it contains certain unpatched bugs.
When employees work from office, they are protected by a strong security infrastructure that has been put up in corporate network systems. But when the same workstation is operated from a different location and different network, it automatically increases the level of risk. At this moment, it is crucially important to build an integrated cybersecurity architecture to secure the remote workforce. It is certainly a greater challenge for security leaders to monitor and protect the employees against malicious attacks with new demands coming in due the changing business model.
About the Author
Rudra Srinivas is part of the editorial team at CISO MAG and writes on cybersecurity trends and news features.