Avoid making your business a casualty to the COVID-19 outbreak by following these simple security mantras.
By: Rakesh Kharwal
The current worldwide outbreak caused by Coronavirus or COVID-19 is giving sleepless nights to security professionals across the globe, even though this virus isn’t remotely related to the world of ICT. The global pandemic gripped nearly all countries, forcing businesses and industries to either completely stop operations or, rather, conduct them via measures like work from home. Since personal devices and networks are more vulnerable to cybersecurity threats, this has created a unique challenge for cybersecurity professionals all over the world.
CERT-In reports show that there has been a substantial increase in the number of cyberattacks on personal computer networks and routers since professionals were asked to work from home in the wake of the COVID-19 outbreak in the country. Cybercriminals are exploiting the COVID-19 outbreak as an opportunity to send phishing emails claiming to have important updates or encouraging donations, impersonating trustworthy organizations.
So, in order to avoid any undesirable event, you must ensure these cybersecurity protocols to safeguard your business:
Equip Your Security Operations Center (SOC) & Following Best Practices:
To begin with, you must improve your SOC efficiency with total visibility and control. It must be ready to deal with any threat on a war footing. A study by Ovum indicates that over 73% of organizations use more than 25 cybersecurity tools in their SOC while 9% use over 100 security tools. The sheer intricacy of individual tools and challenges in juggling between them creates a layer of inefficiency for your cybersecurity professionals. You must begin with creating a centralized and integrated dashboard using advanced solution stacks like SOAR (Security Orchestration, Automation, and Response). It will also respond to low-level security events by itself without troubling your security team.
Secondly, ensure that your entire network is secured with a VPN. A VPN completely encrypts your traffic and makes it unreadable to an interceptor. If you are using Remote Desktop Protocol (RDP), remember that it has a long history of security issues and can expose a device’s standard port to threats. Only use it with relevant protections like firewall white listing and 2FA. Also, ensuring that VPN service is patched and up to date is also very crucial for better scrutiny.
MDM (Mobile Device Management):
Many employees do not follow the best practices such as switching off the ‘remember password’ functions while logging into critical applications from their personal devices. That’s why there is an essence of MDM system which helps IT to gain central control over policies, accesses, and applications. This will ensure employee productivity while keeping applications safe from the threat of breaches and malware.
Use Digital Rights Management for Sensitive Documents:
If you have to share sensitive documents (including text-based and video-based documents), ensure that it’s being done with Digital Rights Management. Digital Rights Management adds another layer of security by establishing your total control on all outbound documents. You can control their usage based on specific geography and even limit it to particular device(s)/user(s). Further, you can manage to what extent a specific document can be accessed by a particular user, i.e. viewing, editing, downloading, etc. This will prevent the misuse of your intellectual properties if they get compromised.
Train your team using Cyber Range:
Perhaps, the biggest measure that you can take at present is preparing your security team against any threat that might surface. Since lockdowns make physical training programs impossible, the best way forward is to use a Cyber Range solution that offers remote training. Cyber Range trains your cybersecurity professionals in the simulated IT environment of your organization against across-the-board cyberattacks. It has a positive impact on everything from the individual skill of a professional to the overall coordination of the team, which is need of an hour as everyone is working remotely and thereby preventing fallouts during an ongoing event. After all, the more you sweat in training, the less you bleed in the battle.
As of now, our digital world is as much in danger because of the coronavirus outbreak as is our physical world. Avoid making your business a casualty to the outbreak by following these simple security mantras. Godspeed!
(The author is Managing Director – India/South Asia & ASEAN, Cyberbit)