Cybersecurity Best Practices – Preparedness for a secure remote workforce, compliance, and building a cyber-resilient environment
In today’s critical situation, organizations are getting prepared for business resilience and employee safety as a first step toward fighting against the coronavirus pandemic. Enterprises are supporting government initiatives and prioritizing the safety of their employees, who are now working from home on business-as-usual tasks, including IT infrastructure administration, monitoring, and compliance management. A remote workforce brings vital benefits to a business in terms of enhanced productivity, reduction in the spread of the virus at the workplace, and reduced operational costs, which can be utilized to invest in employee safety. The adoption of Software as a Service (SaaS)-based services has recently increased, with organizations buying licenses to enable remote working for employees yet without understanding the associated security risks introduced by unknown threat vectors.
A comprehensive and practical approach is required to mitigate the business risks from undiscovered cyberattacks. Another critical factor is a trusted partner who can provide unified end-to-end services to effectively manage new ways of working.
A tailored emergency advisory service is the need of the hour to compete against the cyber threats brought about by the pandemic. Organizations are enforcing remote working policies for employees, but that’s not enough to protect against modern threats emerging from the adoption of SaaS services and the relaxation of Bring Your Own Device (BYOD) policies. In the era of Internet of Things (IoT) connectivity and automation at scale, organizations must think beyond ad hoc workforce solutions such as remote access. A control framework should be mandated that’s not limited to a remote access solution, which would be focused on providing the resources and support for enabling supporting employees to work from home. An overall solution should focus on fortifying perimeter defense controls, reviewing and streamlining existing IT processes, enabling continuous attack surface visibility, and deploying required security controls that will protect from the abrupt leap of cyberattacks and an organization’s evolving digital environment.
As enterprises respond to the worldwide pandemic, changes in business processes driven by lockdowns are having dovetail effects on IT. As IT teams come to terms with increasing demands to enlarge enterprise perimeters and provision remote working, a number of cybersecurity challenges are emerging:
- The strange and evolving attack surface creates new unknown vulnerabilities.
- Inadequate IT resources can’t support the increasing demand for bandwidth, security controls, and operational staff.
- BYOD and remote workforce policies and processes are not updated.
- Unsafe authentication policies for a remote workforce can cause compromised identities.
- A lack of mandatory security controls is in place for protecting against ransomware and service disruptions.
- Cybersecurity hygiene, visibility, and monitoring processes haven’t been established.
- The unavailability of security controls creates vulnerabilities for critical infrastructures such as Operational Technology (OT) networks, Point of Sale (POS) systems, and cloud workloads.
- Unpatched legacy systems are running critical applications and open to cyberattacks.
- The prompt shift to using cloud applications is leading to vulnerabilities caused by employees accessing critical data from unmanaged devices.
Cybersecurity experts need to support enterprises during this journey by helping them identify new cyber threats and assess the gaps in their security controls. Typically, enterprises can take the following four steps to secure their infrastructures from the current and any future crises:
Business Resilience Strategy: Safety First!
While the authorities and the World Health Organization (WHO) balance containment measures against the cost of social and economic disruption, businesses must create a cyber resilience strategy that balances preparations and responsive actions. The immediate recommended strategy is to promptly assess and respond to business continuity risks brought on by the outbreak and fortify their infrastructures to protect against cyberattacks. Below is a cyber resilience framework that provides high-level considerations for crisis management.
Cybersecurity Resiliency & Monitoring
As this pandemic unfolds, organizations need to prioritize resiliency more than anything else. This includes how to sense, resist, and respond to disruptive cyber events, and, if needed, to recover from them within an acceptable timeframe. Cyber resilience is a cultural approach that requires a top-down adoption for managing the risks and building resilient environments aligned with the business cybersecurity goals.
The security control framework needed to reach these goals consists of a basic triad that involves people, processes, and technology, but it must also meet regulatory and legislative compliance requirements. These would include guarding against legal, contractual, and third-party risks, as well as instituting continuous compliance monitoring for cyber threats and associated countermeasures.
An emergency advisory service can help organizations mitigate threats while their workforce, including security operations and compliance teams, is working from home. To effectively build the resiliency for this pandemic situation, organizations need to focus on the following four key pillars:
Enterprises today need a unique, comprehensive approach to discover, identify, prioritize, and remediate risks associated with the pandemic and its overall impact on an organization’s security posture.
For a quick and independent assessment of your enterprise security posture and its ability to respond to the crisis caused by the pandemic, please get in touch.
By Amit Kothari – Wipro, is a cybersecurity evangelist and works as a Partner Alliance lead for the Asia-Pacific region