When the Covid-19 pandemic forced businesses to shift overnight, even companies with robust cybersecurity measures were caught unprepared.
A massive influx in remote employees, coupled with a boom in hacker activity, forced businesses to overlook best practices in the name of immediate convenience. In some cases, that meant connecting employees to networks without proper safety precautions. Wider digital attack surfaces presented a bounty of opportunities to unscrupulous actors looking to steal money, data, or both.
By now, most organizations have taken steps to reduce their exposure to threats and have educated employees on the importance of staying vigilant while working from home. These short-term measures will not last forever, though, nor do they replace the need for sweeping change. The pandemic changed the face of cybercrime overnight. Now, businesses must not only round out their responses to the current crisis but start preparing for what comes next.
New Remote Ecosystems
Companies should take this opportunity to invest in permanent remote work changes rather than using Band-Aids until employees can return to offices. Many employees may find that remote work suits their lifestyles better, and if one company won't honor their wishes, another will.
The age of remote work, recently in its infancy, hit a coronavirus-inspired growth spurt and has now become an awkward teenager. More businesses will soon reconsider what types of work employees can do remotely as the market demands a shift away from traditional environments. As that happens, companies will face sustained pressure from threat actors at new remote weak points.
Technology leaders can combat the repercussions of larger attack surfaces by investing in cybersecurity tools and better communication practices. IT departments should work with internal marketing teams and HR to develop regular reminders to keep employees' attention on good security habits while working remotely.
Short emails with actionable advice can help, but many employees don't fully internalize one-off communications. Companies should also conduct regular tests, and practice runs on dealing with potential bad actors to keep employees on their toes.
Executives and their teams should also use this chance to formalize layers of protection. Remote workers should use VPNs when working in company systems. Some employees may not welcome mandatory two-factor authentication, but they must be ready to embrace additional security for the convenience of remote work.
More Practiced Threat Actors
Threat actors typically seek the least effort for the highest return. Before the pandemic, that meant probing for weaknesses in company systems or using basic social manipulation on unsuspecting employees. In the future, threat actors will be able to review their most successful practices from pandemic times and adapt their strategies.
Think of hackers and opportunists as their own type of business. They A/B test different strategies, perform cost/benefit analyses on opportunities and generally try to make more money than they lose. State-sponsored actors, with greater resources and a wider variety of motivations, may act differently. For the most part, though, companies can avoid becoming prey by making themselves as unappealing a target as possible.
In the face of more capable thieves, the safest businesses will be the ones with the least to steal. Businesses should only keep the customer information they need, so they don't lose that data (and take a big PR hit) in a breach. To combat more severe threats, technology leaders should rely on the latest cybersecurity tools, stay updated on industry trends, and conduct regular checks to patch vulnerabilities.
Back To Social Basics
To stay safe in a post-pandemic world, technology leaders must develop workforces prepared to act as the first line of defense against all manner of threats.
Social manipulators infiltrate secure systems by taking advantage of obvious human flaws. You can prevent the most straightforward attacks with basic rules, such as no writing passwords on sticky notes and mandatory two-factor authentication. Train employees to feel more comfortable with their technology, so they don't rely on unsafe and outdated practices.
Leaders are not exempt from these rules. A CEO may be a brilliant negotiator, but that same person may keep a small book of passwords in a desk drawer. A thief who knows the right address could slip through a window and gain access not only to cash and valuables but also to company logins with millions of dollars on the line. Even a simple Twitter password in the wrong hands could lead to crashing stocks, as evidenced by Elon Musk's latest comment.
Get buy-in from everyone, from the C-suite to the greenest employee. The future of cybersecurity is about cooperation and shared responsibility. Practice social manipulation avoidance, and stay updated with tools and technologies. Keep team members vigilant. Every remote and in-office worker should feel comfortable playing a role in a broader cybersecurity strategy.
Inventory And Monitor Attack Surface
Cybercriminals love easy victories. In the wake of emergency shelter-in-place orders, many businesses created haphazard work-from-home arrangements without taking proper precautions.
Don't feel guilty about missing the details during the rush, but don't make excuses and leave security flaws untouched, either. Your organization must have a comprehensive inventory of the organization's attack surface and identify areas that may not have sufficient security. Do all employees have VPNs? Do those VPNs work as intended without any obvious security flaws? Do any departments use workarounds to avoid going through proper channels?
With a complete inventory in hand, plug all dangerous gaps, and set up processes to monitor potentially weak areas. No one can catch everything, but cyber thieves would rather target businesses that leave wide-open doors than companies that make it difficult to sneak in.
Avoid the development of shadow IT by talking with managers about the systems that employees use. Many times, breaches occur not because a system was not secure, but because a well-meaning employee introduced a security flaw for the sake of convenience. In the wake of the pandemic, even smart IT workers could inadvertently develop bits of shadow IT. Continue to monitor the attack surface and take inventory at regular intervals to reduce the chances of a breach.
Find out more about how RiskIQ is enabling the cybersecurity community during COVID-19, and learn how RiskIQ Digital Footprint can help your organization keep track of its attack surface as it expands beyond the firewall here.
The RiskIQ Intelligence Connector for Microsoft Azure Sentinel Is the Context-Rich Force Multiplier Security Teams Need
Digital initiatives have changed the enterprise attack surface and how organizations appear online, both to users and malicious actors. Meanwhile, the threat landscape has evo...