3 ways to tighten security and get ready for the new normal
- Posted on October 13, 2020
This article was originally published on CIO.com.
Imagine if cybercriminals had a shred of decency. If they did, they wouldn’t take advantage of a global pandemic that has so far cost more than 400,000 lives.
Unfortunately, that’s not the world we live in.
One of the many unhappy consequences of the COVID-19 crisis is a sharp rise in cybercrime. Microsoft is tracking 60,000 malicious COVID-19 links and attachments every day, with hackers launching coronavirus-themed cyberattacks in 241 countries and territories around the globe. Cybercriminals don’t let up, even when people are dying.
Changing security practices aren’t helping
Put yourself in a scammer’s shoes and you can see the attraction. Most of us are working from home under a totally new set of circumstances, making us all a little more accepting of unusual emails and links.
Emails that would have looked unusual and suspicious before the pandemic now look potentially genuine.
We’re more vulnerable than ever
Spear-phishing attacks are now targeting home users, while Trickbot and Emotet malware are running rampant. I’ve even heard reports of companies giving out local admin credentials to let home-working staff log onto remote servers to remain productive.
That’s not a good security practice even in the best of times. It’s especially dangerous in a pandemic, when the number and frequency of targeted attacks are soaring.
What’s more, organisations have been lowering their security posture to allow their employees’ own unmanaged personal devices to use their corporate virtual desktop systems. It’s understandable, but it’s a really bad time to lower your guard.
How you should respond
Here are three things you can do to deploy a security posture that ticks both boxes: keeping your organisation safe while letting your people stay productive.
1. Use AI and ML to lighten the load on your security team
There’s a major digital security skills shortage out there. Organisations can’t find the right people with the most sought-after security skills.
That’s where artificial intelligence (AI) and machine learning (ML) come to the rescue. AI and ML security technologies, like those Microsoft has baked into its Azure Sentinel Security Information and Event Management (SIEM) offering, take up the slack to relieve the pressure on stressed IT and security staff. They do this by reducing the ‘noisiness’ of security events – instead of the team being overloaded by alerts, the AI and machine learning surface only the events that need attention. With automation baked in, security remediation action can happen automatically and instantly. For example, an infected machine can be isolated from the network immediately through automation.
Another great example leverages the Insider Threat capabilities within Microsoft 365 (formerly Office 365). Here’s a scenario: an employee hands in their resignation. Nothing suspicious about that. But if that user’s laptop is detected performing a mass download from the company server, the activity can be automatically correlated with their newly handed-in notice. All of this can occur automatically and instantly, not after the fact.
These are powerful security tools that give your IT and security team more time to focus on your business and ease the bottlenecks created by staff shortages.
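The resignation scenario above, sketched as detection logic. This is an added example, not code from the article or from Microsoft 365; the event field names, thresholds and sample records are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median

# Constructed sample data; field names and values are illustrative assumptions.
HR_EVENTS = [{"user": "alice", "event": "resignation", "time": "2020-10-05T09:00:00"}]
DOWNLOADS = [  # (user, ISO timestamp, bytes downloaded from the file server)
    ("alice", "2020-10-01T10:05:00", 20_000_000),
    ("alice", "2020-10-02T11:10:00", 30_000_000),
    ("alice", "2020-10-06T22:01:00", 900_000_000),
    ("alice", "2020-10-06T22:30:00", 1_400_000_000),
    ("bob", "2020-10-01T09:00:00", 25_000_000),
    ("bob", "2020-10-06T22:15:00", 2_000_000_000),  # large, but no HR signal
]

def hourly_volume(downloads):
    """Sum downloaded bytes per (user, hour bucket)."""
    vol = defaultdict(int)
    for user, ts, size in downloads:
        hour = datetime.fromisoformat(ts).replace(minute=0, second=0, microsecond=0)
        vol[(user, hour)] += size
    return vol

def correlate(hr_events, downloads, window=timedelta(days=30),
              factor=10, floor=500_000_000):
    """Flag hours in which a user who has given notice downloads far more
    than their own pre-notice baseline (hypothetical thresholds)."""
    notice = {e["user"]: datetime.fromisoformat(e["time"])
              for e in hr_events if e["event"] == "resignation"}
    vol = hourly_volume(downloads)
    alerts = []
    for (user, hour), size in sorted(vol.items()):
        gave_notice = notice.get(user)
        if gave_notice is None:
            continue  # volume alone is not correlated with an HR event
        if not (gave_notice <= hour <= gave_notice + window):
            continue
        # Baseline: the user's typical hourly volume before giving notice.
        before = [v for (u, h), v in vol.items() if u == user and h < gave_notice]
        typical = median(before) if before else 0
        if size >= floor and size > factor * typical:
            alerts.append({"user": user, "hour": hour.isoformat(),
                           "bytes": size, "baseline": typical})
    return alerts

if __name__ == "__main__":
    for alert in correlate(HR_EVENTS, DOWNLOADS):
        print(alert)
```

The sketch only looks at downloads after the notice date; the window, multiplier and byte floor are placeholders to tune against your own file-server logs.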
2. Ride the ‘three waves of change’ over the coming months and years
Organisations will likely experience three waves of change as the global economy settles into the rhythm of a post-COVID-19 world. It’s important to take steps now to build a resilient and scalable operation fit for a flexible future. The three waves of change are:
- Respond - With more people and devices using corporate data, endpoints, apps and identities from home, it is important to understand how your organisation’s risk posture has changed.
- Reset - Reset your security strategy based on a zero-trust architecture to ensure that devices are validated and authorised based on their risk score and other factors, such as location.
- Renew - Realise the new strategy, leveraging modern agile delivery approaches, baking in automation from the start.
3. Be secure by design with smarter security from the ground up
The ultimate goal is to be secure by design – in other words, to have an infrastructure with security running through it, north to south, east to west. Sticking-plaster security tools, retrofits and fighting fires aren’t secure by design.
Your security team can only stay ahead if it simplifies its security tooling. For example, a team of 5 managing 50 different security tools is going to struggle to keep on top of things. Using one platform, like Microsoft’s – complemented by just a handful of third-party tools – means less stress, more control and better security. With automation at the forefront of modern security, your organisation can start to think in new ways, without having its hands tied by traditional effort-heavy security tasks.
Cybercriminals don’t take holidays, they don’t have a conscience and they will target vulnerable individuals and organisations, pandemic or not. It’s why we’d all do well to use AI and machine learning to help us detect, protect and respond to attacks on the network, from remote workers to the organisation’s core systems and servers.