Chief Technology Officer/CISO
At DataEndure, we are and always have been about people. So, helping people navigate through the challenges posed by COVID-19, where we can, is important to us. We are very aware that cyber-adversaries are finding this to be a most opportune time to grow their bounty. It is for this reason we created this blog.
With many regions rushing to protect their employees and conform with “shelter in place” orders, more and more of our workforce has had to go mobile – quickly – and the protective edge has faded into the sunset. Because the majority of the workforce gets their protection while in a physical office, this has opened a significant security gap for organizations.
Here is the scenario we are seeing play out:
Bad actors have jumped into this crisis, seeing it as an opportunity to spam our now remote employees with “time sensitive information” about COVID-19, drawing them in to click on the very links we have spent hundreds of hours training them not to click, and exposing the organization to risk. People are nervous and seeking meaningful information – and security training goes out the window.
How do you get a handle on this?
Organizations have had to respond and move quickly to this changing situation. While it sounds simple, focus on the basics: your security procedures, processes and practices.
These are five steps you can implement right away to strengthen your security and enhance your digital resilience:
- Don’t stop the security awareness training; if anything, ramp it up. Train and educate users on what to do and what not to do. The bad actors are counting on your employees making mistakes and clicking on known bad links that install trojans, capture credentials or deploy ransomware.
- Have advanced phishing and spearphishing protection, not only to detect, but to prevent the bad emails from ever getting to your users.
- Have advanced DNS protections on all endpoints to stop the end users from being able to get to known bad URLs, in the event that bad emails inevitably get through your first layers of defense.
- Have advanced next generation anti-malware protection on the endpoints to stop the malware from taking hold and causing any damage when it inevitably gets past the previous layers of defense.
- Finally, as a critical line of defense, keep your Security Operations Center staffed and at full strength: monitoring and analyzing logs, network traffic, user and entity behavior, and vulnerabilities, and performing tests across your network to be sure your controls and policies are in place and working as you designed and expect them to. This way, if any of your other layers of defense fail, you have trained experts hunting for threats and bad actors in your network (not just behind your walls) 24×7.
We expect some might read this and think “I’ve done all I need to,” having implemented the layers of defense above. We hope you are right. In the timeless words of President Ronald Reagan, “trust but verify.” If you don’t integrate the testing of defensive tactics and controls with vulnerability assessments regularly, how do you know your controls are doing what you designed them to do? Are they performing optimally or has configuration drift opened holes in your defenses? Have any of the recent changes you’ve made to adapt to remote mandates created exposure for you?
Consider a Health Check – On Us
You have a lot to do. We’d like to help. We are offering a complimentary Security Health Check – no strings attached – to help you understand where and how you might need to strengthen your defenses, and to give you clarity around your security posture, controls and abilities to detect threats and respond to incidents.
No doubt these are challenging times, but we are all in this together. Please don’t hesitate to reach out with any questions you might have. As always, we’re here to help.