As governments begin to lift emergency orders, business leaders consider policies, technology and processes to protect their workforce. Many of these factors rightly focus on health and safety, but we also have to recognize that we are all still targets for cyberattacks. The new world of work-from-home has poked countless holes in security perimeters, so organizations also have to prioritize Cyber security After COVID-19 preparation.
Going Back to Work Securely
According to a recent (ISC)2 study, 23% of cyber security leaders said their organization had experienced an increase in cyberattacks since COVID-19 caused employees to start working from home. Although 50% said they believed they practiced best practices, they also said they should do more to secure their remote workforce. This situation has demonstrated that during a crisis, the bad guys don’t go on holiday.
What had changed during that time in the environment? And, what modifications have not been made to protect it best? This is the gap paid to CISOs by filling as businesses consider returning to work-as-normal. It is uncertain when many places around the world will reopen. As some states and counties express their plan to open up (or have already started to do so), the time is now for security leaders to take the measures required to ensure the transition is safe.
Here are a few key factors:
- Vulnerability Check: Laptops and other devices are enormous assets that allowed employees to continue their work remotely. But when out of service, those who do not connect to the corporate network through a VPN may not have received the requisite updates to OS, Web, AV and GPO that they would usually receive. It puts organizations at risk as these systems reconnect with corporate networks. When returning to the network, it might not be necessary to search for all devices. Still, security leaders will consider doing so where they can-as well as planning processes to verify accessories returning to the corporate network.
- Devices of Quarantine Returning to Business Network: Following a zero trust model, security leaders will ensure that any potential risks that may have arisen because of remote work are accounted for. Only allow access to devices if they have been validated as secure. While quarantining devices by default may initially introduce some user experience and complexity challenges, risk minimization is an essential step in this type of scenario.
- Educate Employees: Given the rapid nature of the transition, there was little time to educate staff on appropriate remote work practices. While returning to the workplace, the benefit of security leaders is that there is plenty of time to be vigilant when educating staff on best practices, as well as risks such as targeted phishing attacks that may try to take advantage of the move.
- Get Ready for those who can’t Get Back to the Office: While in the coming weeks or months, some employees may be heading to work, which may not be possible for every employee. Some employees may have underlying health concerns that place them at higher risk, making it safer for them to stay at home, or maybe they have kids at home that need care.
- Consider Upgrading Approaches for Cybersecurity: Finally, during this time, there is a unique opportunity to reconsider long term cyber security strategies. This could include using quiet networks to base network activity to understand abnormal movement better, or rethinking security policies and remote work procedures. In any case, the leaders should take some time to step back and think about what this crisis has taught them about their organizations and any exposed security weaknesses. That information can inform strategies in the coming months and years.