In response to the COVID-19 pandemic most organisations have moved quickly to equip their security analysts to continue threat detection and response activities from home. Not everyone, however, is able to access the necessary tools and resources at home and almost all are reporting that the disruption has led to an upsurge in cyber attacks aimed at individuals.
To counter this, we are advising customers to have a security operations platform in place that fuses essential cybersecurity information in one place. Cybersecurity teams should have centralised visibility along with risk-based decision strategy, so that decisions can be better prioritised in these heightened risk exposure times.
Practical measures to take include
· Upgrading the seriousness of alerts allied to their most critical assets
· Adjusting the risk matrix
· Changing the default severity of phishing alerts
· More frequent vulnerability scanning of remotely access services and remotely connected devices
Constantly tweaking threat-levels in this way allows organisations to quickly realign their priorities to optimise detection and response effectiveness.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics