COVID-19: Flattening the cybersecurity curve


As CIOs and CTOs fight the impact of the pandemic, they’ve also had to stiffen their lines of defence against cyber criminals who seek to take advantage of the situation. Organisations have quickly pivoted to allow working from home in response to lockdown orders, leading computer networks to experience additional and new strains that are leaving them susceptible to infiltration by cyber criminals.

This rapid transition to remote working has taxed the security and IT infrastructures of many companies, which has led to an exploitable opportunity. In fact, our research has shown a 667% increase in spear-phishing email attacks related to COVID-19 since the end of February. The gap between cybersecurity risk and defensive effectiveness is as wide as it’s ever been for many companies. Suddenly, cybersecurity has been pushed to the top of any business’ agenda – from the vulnerabilities in Zoom, to the explosion in use of personal devices on corporate networks.

Against this backdrop, here are the C-suite’s biggest security concerns, as well as the solutions they must adopt to turn the tide against these rising threats.

Networks under pressure

Employees work within the security parameters that their company sets out. When working from home, this safety precaution suddenly becomes harder to uphold. Many personal devices are connected to a shared network, giving way to several unprotected endpoints – opening the door to potential security breaches. This massive shift towards working remotely has expanded most organisations’ attack surfaces, making them harder to monitor and minimize. In fact, recent research has revealed that one in two companies feel that they cannot secure home office environments properly.

Indeed, since the move from the office to working from home, organisations may find that their cybersecurity protocols no longer stack up as they fight to contend with the deluge of remote connections, several dispersed endpoints and contention rates on the ISPs. Cybercriminals know that each employee who works from home presents a new gateway into their company’s network.

In order to address these heightened network challenges, organisations must ensure that applications that hold sensitive data are accessed securely, and that company-issued devices can be remotely wiped clean in the event of a breach or loss. Putting in place continuous monitoring of devices is also critical. Here, augmenting tools like Identity and Access Management (IAM) is critical, as hackers with stolen credentials will attempt to access important data. For highly regulated sectors, such as financial services, healthcare and critical national infrastructure services (CNI), this will be an important area to consider during this crisis. Ensuring multi-factor authentication and reviewing single sign-on for critical applications will help improve security.

Finally, whilst cost considerations are often the biggest barrier to implementing such emerging technologies, our research found that AI lowers the cost of detecting and responding to breaches by 12%, on average.

Securing corporate culture

Many organisations will already have a mature working from home process from a corporate culture standpoint and more secure ways of working remotely. In this instance, the biggest worry is not themselves but other companies they are dealing with who haven’t taken that journey. External parties might use unapproved software as collaboration tools or other working from home tools that would introduce security challenges into the corporate environment.

Indeed, the surge in virtual conferencing and other collaboration tools is exposing more vulnerabilities for hackers to exploit. Companies quickly adopting consumer-grade video conferencing can make it easy for an attacker to pretend to be a member of staff. Here, you must ensure that staff use vetted and authorized video conferencing services where possible. If you’re unsure, you could suggest the meeting be held on your company’s facilities. Also, as always, make sure applications and operating systems are patched and up to date.

Cybersecurity for remote working

While working from home, employee attitudes towards security procedures can become relaxed, and the C-suite must consider how they can influence these behaviors and ensure they do not lead to an increase in breaches. There are a number of steps that the board can implement in order to monitor the security activity of their companies. Firstly, they should consider running security awareness campaigns across the organization to educate employees on the cybersecurity challenges they may face as they work from home. 

This includes informing employees about the potential risks of using non-approved storage systems, or the issues associated with breaches of personal data confidentiality as enshrined in legislation like the GDPR. Employees should also be educated about email-based fraud and malware schemes that take advantage of the pandemic. Examples of this include fake emails claiming to be from authentic sources such as the Centers for Disease Control and Prevention (CDC), the World Health Organization (WHO), government sources or health insurance firms. Office emails should be a vital source of information for employees, and educating employees on email-based security issues will be important.

As employees work from home, they may not be able to access internal communications channels via secure VPNs, and internal company webpages may not be the right way to educate employees. To offset this, the board could task IT teams with establishing alternate communication channels - critical to ensuring that all employees receive regular cybersecurity updates.

COVID-19 has tested cybersecurity defenses like never before. However, the investment and focus that the C-suite brings to the issue now will allow them to emerge even stronger in the future – armed to exploit new technology advances and operate in a world where working from home will become increasingly a fact of life. Ultimately, taking the right cyber approach now not only makes financial and reputational sense, but can also create value in the eyes of customers, stakeholders and peers.

  • Richard Starnes, Chief Security Strategist, Capgemini

Richard Starnes is the Chief Security Strategist for Capgemini, where he is responsible for thought leadership, professionalism and operational cybersecurity for several of our company’s largest clients. He is a leading international voice in cybersecurity with twenty-plus years of experience implementing information security management programs in both the US and UK. He works closely with corporate executives and the board to approach their enterprise information security program requirements from a risk management perspective. He has developed, implemented, and managed the overall cybersecurity strategy, associated architecture, policies, standards, guidelines, tooling, vendor and third-party management, and training and awareness at an enterprise level for numerous global and national companies. He also regularly speaks at conferences, publishes and is interviewed on cybersecurity matters.

His contributions to the cyber-security community include being a Liveryperson of the Worshipful Company of Information Technologists (WCIT) where he is also a member of their Security Panel. He is a Fellow of both the Information Systems Security Association (ISSA) and the British Computing Society (BCS). He holds a Master of Science in Information Security from Royal Holloway, University of London, and is a former senior instructor for the (ISC)² CISSP CBK seminar.