Getting Ahead of Cybersecurity Disasters

Bad actors are looking to exploit the COVID-19 related confusion that has resulted as employers strive to keep their workforces safe while maintaining business continuity.

In early May, two separate companies involved in building temporary hospitals in the UK reported that they had been victims of unrelated cyber-attacks; but it’s not just organizations operating in healthcare that are at risk – organizations across all sectors are constantly being targeted.

In many ways, the pandemic is simply another opportunity to breach corporate networks. So, what is driving the proliferation of attacks, and how can enterprises keep ahead of hackers and protect their data?

When everything was on-premise, it was straightforward enough to protect – firewalls could protect all critical apps and information when everything was within one server. As you add cloud computing, mobile working and decentralized locations, you’re giving more people keys, creating more gates and adding more doors, and it becomes much harder to track who can access what, and whether all doors, windows and gates are secure. It is also more likely that keys will be lost, or used by unauthorized entities to get in.

Five steps to keep ahead of bad actors
How are businesses expected to keep ahead of bad actors in this maelstrom of challenges? I would recommend the following five steps initially:

Controlled access: Not everyone needs full access to a system, yet in some organizations, the process is to provide everyone with near limitless access and just protect the most sensitive of information. That needs to be flipped around, so that access is only available when there is a genuine business need. Most employees don’t need full access to do their jobs, so they get a basic level which can be revised if their role changes. The next level up would restrict access to certain functions – for instance, to finance for financial data, or to marketing for specific customer preferences. This continues as the sensitivity of information increases, with access becoming increasingly limited. In this way, not only does it stop anyone walking around, but if a breach occurs, it is much easier to track who had access and how hackers may have got in.

Data protection: In the same way that access can be controlled, so can the protection provided to data be graded. Certain data can be classed as open, other types as internal only, confidential, more sensitive and so on, with the protection becoming more sophisticated, including bringing in encryption that ensures that even if hackers can get into the applications storing the information, breaking the encryption will severely hamper their progress. This layered approach also means that the implications for certain types of breaches are clear, and companies can plan accordingly. 

Decentralized security: The first two measures are designed to restrict unauthorized access to data once someone is in a corporate network, but before they get to that stage there needs to be security that mirrors the company setup – which in today’s world, means decentralized. For most organizations, securing every application would take too long, so they need to focus on endpoints and channels – that means encryption, so that a message sent from one device to another can’t be read in transit, and making sure that only secure communication channels and protocols are used out of the office.

High availability: That security also needs to be available constantly. If there’s any lapse, any moment where a secure channel needs to be offline, any communication that takes place during that time will be unprotected. Like leaving the front door open while you’re in the back garden, it renders all measures useless for that period of time and creates a window for hackers.

Comprehensive communication and collaboration: Employees, particularly in times like now, want to be able to communicate and collaborate in an easy manner. Most are going to default to the application that’s easiest to use, even if it’s not the most secure – just look at the proliferation of Zoom in recent weeks, even though the business is still trying to address many of its challenges. That’s why companies need to provide secure ways of messaging, communicating and meeting, while also educating their staff on the risks of using consumer-grade technology.  
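The tiered model from the controlled access and data protection steps above, sketched as an added example that is not part of the original article: access is granted only when both clearance and business function match, every decision is logged, and protection is graded by classification. The names `Level`, `check_access`, `requires_encryption` and `granted_to`, the `RESTRICTED` tier name and the encryption threshold are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional

class Level(IntEnum):
    """Classification tiers; RESTRICTED stands in for the 'more sensitive' tier."""
    OPEN = 0
    INTERNAL = 1
    CONFIDENTIAL = 2
    RESTRICTED = 3

@dataclass(frozen=True)
class Resource:
    name: str
    level: Level
    function: Optional[str] = None       # owning business function, e.g. "finance"

@dataclass(frozen=True)
class User:
    name: str
    clearance: Level = Level.INTERNAL    # basic level every employee starts with
    functions: frozenset = frozenset()   # functions with a genuine business need

def check_access(user, res, audit):
    """Grant only when clearance and function both match; log every decision."""
    if res.level > user.clearance:
        reason = "clearance below classification"
    elif res.function is not None and res.function not in user.functions:
        reason = "no business need for this function's data"
    else:
        reason = None
    audit.append({"user": user.name, "resource": res.name,
                  "allowed": reason is None, "reason": reason or "granted"})
    return reason is None

def requires_encryption(res):
    """Graded protection: encrypt from CONFIDENTIAL upward (assumed threshold)."""
    return res.level >= Level.CONFIDENTIAL

def granted_to(res_name, audit):
    """After a breach: which users were actually granted this resource?"""
    return sorted({e["user"] for e in audit
                   if e["resource"] == res_name and e["allowed"]})

if __name__ == "__main__":
    audit = []                           # constructed sample data below
    ledger = Resource("ledger", Level.CONFIDENTIAL, "finance")
    staff = [User("alice"), User("bob", Level.CONFIDENTIAL, frozenset({"finance"})),
             User("carol", Level.CONFIDENTIAL, frozenset({"marketing"}))]
    for u in staff:
        print(u.name, check_access(u, ledger, audit))
    print(granted_to("ledger", audit), requires_encryption(ledger))
```

Revising a user's role means changing `clearance` or `functions` on that one record; the audit list is what answers "who had access" when a breach is investigated.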

Keep your data secure, no matter what the situation
We might all be in this together, but that sentiment isn’t going to stop hackers exploiting any confusion resulting from a shift to a decentralized way of working. That’s why businesses need to stay one step ahead – it’s not enough just to have your teams working from home, you need to make sure that your security setup mirrors your current operations.

What’s more, the suggestions above are not just to help improve security during the pandemic – they’re principles that will help all organizations cope with the continued trends of shifting to cloud and increased mobile working, which are undoubtedly set to continue as we emerge from the coronavirus.
