Keeping the business operational has been the focus for IT functions and senior leadership teams as firms scrambled to adapt to the restrictions imposed in response to Covid-19. Organisations have worked under intense pressure to uplift or acquire remote working solutions that can support the substantial increase in demand, in a very short timescale. Now that the dust is settling and businesses are reaching a new steady state of operations, familiar cyber security risks - such as those posed by the threat of social engineering or the relaxing of controls - are emerging in more potent and harmful forms.
Expected increase in attacks
Social engineering attacks, in which employees are manipulated by malicious actors into divulging sensitive information, already sit near the top of many organisational risk registers. The ambiguity caused by the rapid adoption of new processes and ways of working has compounded this risk. It can be exploited by social engineering attacks with relative ease and at a low risk of being discovered. Human error within the target organisation is essential to the success of the vast majority of cyber-crimes. Whilst this has been understood for some time, and reinforced through numerous industry studies, organisations and broader society continue to struggle with the threat of social engineering. This pandemic has made things a whole lot worse.
Alongside the heightened threats, businesses have relaxed their cyber controls to expedite the transition to remote working. The high pace of change across technology and ways of working has, in many cases, not allowed for a structured and change-controlled transition. Organisations are simultaneously enabling their least IT- and security-literate teams to work remotely, often with no additional training. Business leaders have chosen to loosen or bypass change controls, third-party assurance and awareness processes, accepting the resultant risks in pursuit of recovering key parts of the business.
How can you offset the increased cyber threat?
Baringa helps organisations manage their cyber security in the face of crises. Here are the key activities we believe every business should consider now, to help offset the increased cyber threat and necessary increased levels of risk acceptance:
Scenario plan the most credible risks. Understand what your new exposure to cyber risk is and invest the security budget and resources you have available to manage these new risks. Scenario planning will also build muscle-memory into the teams responsible for handling incidents, improving efficiency and effectiveness for the ‘live performance’.
Build a collaborative and all-in approach to cyber safety. Security awareness has never been more essential. With the increased risks of social engineering, businesses need to communicate with staff on their responsibilities in these unusual times. Remove what ambiguity you can with direct and clear messaging, flagging key risks such as social engineering in its many guises, especially where there has been a spike following the Covid-19 outbreak.
Protect and assure your remote access capability. All businesses now see remote access as a critical business asset. Understand the risk to your remote capabilities (be they VPN, cloud, or others) and enhance the security and resilience of these technologies where feasible.
Retrospectively assess your systems. Where systems and processes have been introduced or adapted without the usual levels of assurance, ensure that they are retrospectively captured by these processes. Develop plans to mitigate any identified risks which are unacceptable, and update your asset management platforms to account for the changes.
Secure your organisation accounts. Ensure that the access an individual has is appropriate to their requirements to work. As we enable staff to take their work home with them, we need to limit access on a ‘need-to-know’ basis. Use technical and process-driven controls to tighten authorisations and secure key data from unnecessary access.
Secure the home. The physical and technical security within the home will struggle to match the security of the office, but businesses need to invest in supporting staff in securing their homes. Continue to reinforce good practice principles around remote working with remote workers and consider investing in additional end-point protection that reflects the increase in risk.
A brave new world
The state of isolation is temporary, but the changes that we have introduced to technology and ways of working are unlikely to disappear along with the lockdown restrictions. It is far more likely we will see permanent changes in the way that businesses operate, utilising the new and augmented technologies introduced in the past few months. IT and cyber security teams need to work with business stakeholders to ensure that these new ways of working can be sustained beyond Covid-19 and within an acceptable level of risk to the business.
If you want to find out more about how to protect your organisation from cyber threats or discuss secure remote access solutions, please contact James Beverley, David Prince, or James Davidson.