How to implement expedited security strategies during a crisis
Cybersecurity professionals know all too well that crises tend to breed new threats to organizational security. The current COVID-19 pandemic is evidence of this. Health agencies are being attacked, massive phishing operations are underway, and security flaws in leading communications platforms are coming to light.
Even on an individual basis, people are more susceptible to scams, fraud and manipulation in times of fear. From January 1 until today, the US Federal Trade Commission has received over 124,140 fraud and ID theft reports related to COVID-19, with people reporting losses upwards of $80.3 million dollars.
Despite the presence of a robust cybersecurity infrastructure, enterprise systems are not battle-tested to secure an entire workforce that is now based at home. Cybersecurity analysts can confirm that to properly manage a remote digital workforce, an enterprise should focus its security measures on three key pillars:
1. Doubling up on identity access management: Enacting multifactor authentication and cycling passwords are critically important during times of crisis when phishing attempts spike and malicious hackers have an avenue into company data and resources.
2. Broaden connectivity awareness: Shield employees from parallel Wi-Fi networks set up by bad actors by increasing IT awareness and broadening VPN access. Unaware employees that connect to the parallel (rogue) network by mistake can put the company at risk.
3. Reassess policies and procedures: Companies operating today are in unfamiliar territory and should always be reassessing current cyber risk policies and procedures in order to identify and evaluate and identify risks associated with potential threats and security weaknesses.
Overcoming security challenges in a crisis
As we’ve seen with COVID-19, a crisis can disrupt business significantly. Without plans for how to deal with such a disruption, businesses will face an overwhelming challenge of managing and securing network infrastructure as operations shift to accommodate changes within the organization. It is paramount that enterprises determine ahead of time what to do differently, should a time of crisis rear its head. This also translates into a major opportunity for security teams that can proactively begin to analyze current security measures and develop a business plan of what the future might look like.
As part of this plan, automation and artificial intelligence (AI) should take center-stage. Most modern networks are growing far too complex for humans to secure manually, and fighting a growing number of threats requires automated operational workflows and integrated threat intelligence.
In addition, a high degree of system integration with these technologies enables greater collaboration between security analysts, no matter where they’re located. It is also important to embed threat intelligence across multiple vectors (e.g. endpoints, privileged user access, machine communications), so that Communication Service Providers (CSPs) can detect and analyze potential threats in real time.
Security teams that have integrated their networks with automated, cognitively intelligent software, whether it be AI or machine learning (ML), have already been privy to its benefits. With access to dynamic scanning for threats and insight into potential vulnerabilities, teams can tackle challenges quickly, with more visibility and effectiveness.
These new software capabilities enable security operations teams to:
- Oversee, manage and limit access to key operational systems and assets within the network to ensure that remote employees do not inadvertently or deliberately misuse privileged information.
- Identify network vulnerabilities automatically, detect threats sooner, and reduce the number of false positives, saving time and preventing alert fatigue.
- Flag and respond immediately to cyberattacks, minimizing the time needed to address each incident and the overall impact.
Automation and cognitive intelligence are critical to guarding enterprise infrastructure against scams, spear-phishing and zero-day attacks that can evade traditional signature-based security. By adopting these capabilities today, CSPs can set themselves up for longer-term networking success. With the rise of 5G, implementing strong security policies and procedures for complex networks has become more critical than ever. Through software that utilizes automation, AI and ML, operators can provide end-to-end quality across a diverse range of security use cases and business models in 5G.