Cybersecurity: Keeping Organisations Secure In The Post-pandemic Reality

By   Dr. Muhammad Malik
InfoSec Leader & Editor-in-Chief , Information Security Buzz | Jun 09, 2020 04:01 am PST

With the UK government announcing changes in small increments to the lockdown restrictions, organisations are starting to consider the process of going back to business as ‘usual’. 

The truth is that, post-pandemic, organisations won’t be the same, not all businesses will be running at full capacity, nor will their offices be the same, with social distancing expected to last to the end of the year. 

Infosecurity Buzz spoke to six technology experts about what organisations need to consider from an IT and cybersecurity standpoint in the post-pandemic future.

Cybersecurity is key to business continuity

“For many businesses around the world, the upheaval caused by the virus has been nothing short of chaotic. Deploying a work-from-home strategy smoothly and securely, as well as the enormous spike in ransomware attacks during recent months, have been the root of concern among many business owners, governments, and schools,” says Alan Conboy, Office of the CTO at Scale Computing. “The focus for all organisations right now, and post-pandemic, must be business continuity: investing in systems that combine preventative measures and planned reactive measures to ensure that an organisation can continue doing business, despite potential threats, like those caused by the pandemic. In the IT world, this may include backup, disaster recovery (DR), easily deployed work-from-home solutions, and cybersecurity.

“While in the midst of the chaos it may seem irrelevant, or even a waste of time, to think longer term about business continuity. However, the potential for many organisations to keep a vast majority of their workforce working remotely, even as we begin to come out of the other side of COVID-19, in order to save on the cost of an office space, means it would be wise for organisations to consider investing in solutions and processes that are simple to implement, manage, and maintain remotely. Solutions that have built-in backup and DR, allow users to work remotely, safely, and securely, and provide protection from ransomware are becoming increasingly important in the new and uncertain times we are living through.”

According to Jeremy Atkins, UKI Sales Director – Enterprise & Public Sector at Commvault, organisations need to ensure endpoint security to prevent unwanted attacks: “Right now, IT leaders should be thinking about how to deliver the right service, securely and efficiently, as long as the lockdown endures. Not only this, but they should be thinking about how this situation has affected their long-term IT strategy, and how much they need to change it so it best aligns with the new normal.

“There are key questions the senior IT executive must ask themself. Do endpoints have adequate protection? Are you protecting the data in the cloud? Have you reviewed and updated your operational processes? Have you reviewed and updated your contingency plans?

“It is vitally important at this time for businesses to think about what they currently have on their IT agenda, and assess whether some projects can be put on hold. Now is the time to focus on what needs to be done in order to secure and enable the business, then build the new programme that will make life easier and more flexible in the future. Whilst the current situation may be temporary, it still leaves plenty of opportunity for disaster and attack both from external and internal sources. Along with the speed and scale of this change, we cannot exactly pinpoint where we will be in six, 12, 24 months, so it is best to be prepared for whatever the future may hold.”

Steve Blow, UK Systems Engineering Manager at Zerto, warns against phishing emails and ransomware attacks. “Ransomware attacks are not new or even uncommon, and they will continue to be prevalent long after we see the other side of this global pandemic. But one thing many businesses have become more aware of since the start of the pandemic, is the importance of a modernised data protection strategy to safeguard their valuable and sensitive data. And they are not wrong – just a single employee clicking a malicious link in their emails could mean a ransom must be paid for all business data encrypted.

“Cyber-criminals often exploit vulnerabilities in employee emails, so it is crucial to have the right cyber-defences in place to avoid a disaster where critical data could be at risk – especially when it comes to government or healthcare organisations. Having appropriate role based access control and an extensive tiered security model will help minimise risk. But, the attack itself is only half of the problem because, without sufficient recovery tools, the resulting outage will cause loss of data and money, as well as reputational harm.

“Over the coming months it is important that we see more organisations utilising tools that allow them to roll back and recover all of their systems to a point in time just before an attack. This level of IT resilience will prove to be paramount, as emails continue to exist at the core of most organisations, they remain a standing target for ever-sophisticated cyber criminals, whether in the middle of a pandemic, or not.”

Ensure employees stay secure at home

Despite government restrictions being lifted, many employees may continue working from home due to health concerns or a changed working culture, so organisations will need to think about the security of their workers who continue to work remotely. Jay Ryerse, CISSP, VP of Cybersecurity Initiatives at ConnectWise, explains, “It’s important to consider that not all employees will want to come back to the office full time. Also, with the requirements of social distancing likely to be long-lasting, many organisations will have to implement designated work-from-home and in-office days for different teams. This will clearly impact how organisations purchase IT infrastructure going forward, for example, buying more laptops instead of desktops. That also means they will need to train employees on using a VPN connection to ensure the business can control whether the data flow is secure without putting the organisation at further risk from using BYOD.

“What we’re dealing with here is fear of the unknown. Many employees live with their families, so they don’t want to be put at risk of catching the virus if they have somebody vulnerable at home, whether it’s an elderly parent or their kids. For those organisations that put infrastructure in place to allow their employees to work from home, they’ve most likely realised that the team can perform admirably in a remote workforce environment. This means organisations will need to strengthen their security as the majority or part of their organisation will want to continue working remote, and protecting their own company and customer data from cyber attacks and even hardware failure will be critical.”

Invest in key IT and security infrastructure

Bob Davis, CMO at Plutora, explains that software development teams need key collaboration tools to function effectively, to keep businesses running smoothly. “The basic collaboration tools everyone has flocked to aren’t enough for them to communicate the complexities of a software pipeline, much less the health of the software delivery life cycle. Software delivery teams were used to an intricate web of connection, collaboration and communication that has been upended. Though teams that return to the office may be able to get back to what they’re used to, many businesses may find themselves continuing this remote model for much longer, either part-time or full-time.

“The solution for each of these scenarios is a VSM (value stream management) product. No matter where people are, they can collaborate in a way that fits their role. VSM provides a single source of truth across an array of remote workers and remote software development teams, meaning that regardless of whether every employee is able to return to the office, they can still work effectively with their teammates. VSM is the foundation for work transparency and provides team members access to self-service learning, ensuring everyone will always be on the same page. It also provides managers with insight into their team without requiring manual documentation and check-ins, again improving efficiency, and helping remote workers to focus on the job at hand, rather than checking in repeatedly every day. As we learn to get back to work, it’s crucial that businesses relying on software development start to implement these measures now, to ensure a smooth transition to the ‘new normal’ of the future.”

Behavioural analytics is monumental to saving time for security teams to detect suspicious behaviour, especially when workers are remote suggests Richard Cassidy, senior director security strategy at Exabeam. “As we plan for a new normal, we need to consider how we can better support our security teams and automate as much of the more time intensive and mundane tasks as possible. This will help security professionals better protect their organisations, and will help more junior analysts do more to support their team. But we also need to rethink security operations centre (SOC) practices – the attack surface is far greater now and IoT security is a bigger risk vector than ever before. Organisations need to cast their net of inspection far wider now. The home office is the new corporate cubicle, and security teams will need to detect anomalies from home networks, users and devices – sources that are far easier to compromise, because they inherently lack security capabilities.

“Key to this is a foundation of behavioural analytics that can help detect attacks and automate incident response. This frees up security teams enormously by using existing datasets to detect anomalies across the entire estate and monitor critical assets to find early signs of suspicious activity. When presented with the most critical information and with all of the necessary context, security teams can better respond, mitigate, and remediate the many threats they are faced with.”

It’s evidently not clear what lies ahead post-pandemic, however, one thing is certain that having the right tools and security software in place should be on the top of every organisation’s agenda, despite the current global circumstances. The last thing any organisation wants is to be compromised due to a ransomware attack or a phishing email, that could have simply been avoided.