In response to a new Bitdefender report which found that COVID-19 has left businesses at a far higher risk of cyber-attacks, largely due to their corporate infrastructure being exposed to attack vectors and threats that would not have been considered a year ago, experts from three cybersecurity firms offer perspective.
All organizations must have a robust security program that includes a repeatable change management program to keep up to date on known vulnerabilities.
Without up-to-date patching, it’s an easy attack vector for cybercriminals, nation-states, and a beginning hacker to scan the internet to find network devices that are not up to date.
Having vulnerabilities exposed to the internet is like leaving the front door unlocked to your house when you go away on vacation. While you might be able to stop them from stealing your essential items with an alarm system, the bad guys have been able to break in and could get away with valuables.
Keeping the external systems current with the latest software significantly reduces the risk of a successful attack and the potential damage to the brand, revenue, and resources.
For all employees working remotely, it’s critical to have a policy for all workers to utilize a VPN connection from their homes to the office to reduce any risk from other devices on the employee’s home network attempting to access corporate devices.
Having a robust security awareness training program that will educate employees to spot phishing emails will reduce the risk of a business email compromise attack. This training can ensure that employees can make smarter security decisions and protect an organization from various cyber-attacks.
Indeed, the immediate rise of WFH initiatives caught many IT departments unprepared to address new threat vectors and data security concerns amid the newly amorphous network perimeter. The SMB data transfer protocol has long been a target of bad actors seeking to penetrate file servers. I encourage IT leaders to look at all mobile applications being used by employees to ensure that any apps that access files behind the firewall are engineered to be managed by the company, deploy timely patches to address newly discovered vulnerabilities, and commit to data privacy and data protection on an architectural basis. Thankfully there are EMM providers such as BlackBerry who assume the burden of testing and evaluating integrated applications from third-party vendors (such as Inkscreen) to ensure best-of-breed solutions for enterprise and government use cases.
For the past three decades or so, organizations have invested in centralized information security controls such as firewalls, IPS, and patching solutions that assume that the network population is safely inside the company’s perimeter. The mass migration to work from home hasn’t so much introduced new threats as it has redefined that default assumption, rendering the centralized controls built around it far less effective.
Another area of weakness highlighted by the raft of recent VPN and other remote access product vulnerabilities is monolith patch culture. For many organizations, patching efforts are centered around Windows patches, with other third-party software and notably networking equipment only patched on an ad-hoc basis. This reliably leads to delays, confusion, and incomplete coverage for patching even serious security vulnerabilities in these systems.