The common theme of day three of U.S. CyberWeek’s infamous CyberTalks was resilience, with experts discussing the need for collaboration, planning and testing. As organisations come to grips with discovering what they knew (and didn’t know) about their networks, panelists outlined best practices for maintaining security while teleworking.
Here are some highlights of today’s discussions.
How DOJ cybercrime fighters are trying to stop Chinese theft
It has been widely accepted that China has become a safe haven for cyber criminals. The U.S. Department of Justice (DOJ) has detected crime partners outside of China, including “front companies” that are created to obfuscate illegal activities. Although this makes the already difficult task of attribution harder, it doesn’t make it impossible. Partnership with allied nations has been deemed critical in the fight against cybercrime. The goal in working with allied nations is to identify and prosecute bad actors and begin to establish societal norms of acceptable behaviour in cyberspace. It was noted that Australia has been very good at calling out bad actors and aligning with the “Name and Shame” campaign.
In addition to aligning with allied nations, public-private partnerships are also key in fighting nation-state-sponsored cyber attacks. Although the DOJ does not necessarily have the means to provide proactive warnings of imminent attacks, it is able to articulate what has been investigated and the means by which bad actors have gone about targeting and attacking their victims. In other words, it paints a picture of specificity to give the public a snapshot of the how, what and why behind cyber attacks.
Looking past the pandemic: Futureproofing against data risk
“We have seen two years’ worth of transformation in just two months,” Satya Nadella, CEO of Microsoft.
Millions of people transformed the workforce almost overnight. According to a poll conducted by Microsoft, 52% of compliance decision makers say that data leakage is their top challenge in the remote workforce. With an estimated 175 zettabytes of data to be created by 2025, cyber threats have increased exponentially. Specifically, industry has seen a vast increase in sophisticated ransomware attacks. With an estimated 42% of the workforce remaining remote, it is critical for organisations to invest in stronger defense capabilities, as well as to take proactive measures to secure their data in all forms. Two accelerating trends include:
- Zero Trust architecture: Principles include verifying explicitly, granting least privilege access and operating under an assumption of breach. Identity takes center stage in Zero Trust and has accelerated digital transformation and adaptive security policies. Identity refers not only to human users, but also to devices and IoT.
- Operational resiliency: Operational resiliency means that core operations and services need to be able to withstand a cyber incident. How is this accomplished? Have a plan and TEST, TEST, and TEST again! Not only does your organisation need a business continuity plan, but it also needs a specific cyber recovery plan. Creating back-ups is not enough. The back-ups, as well as the process to restore them, need to be tested and tested often.
In closing, CISOs need to strengthen their security posture while prioritising compliance, follow cyber resilience best practices and look beyond the pandemic as a means to future-proof against data risk.
Telework: Securing our new normal
It’s estimated that more than a third of the workforce will remain remote indefinitely. Organisations globally ran the gamut of readiness for transitioning to the telework environment. Some were fully prepared, and others were deer in the headlights with no idea where to start.
The National Institute of Standards and Technology (NIST) understood that ramping up for this new work environment was challenging for most. Although they had a document at the ready, SP800-46, they understood that most organisations didn’t have time to read through the 53-page document. So, in March NIST released an ITL Bulletin entitled “Security for Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Solutions.” This abridged version of SP800-46 outlined key best practices that organisations could quickly implement to secure their remote workforce.
So how did organisations cope with this quick and hectic transition? The organisations that already had remote workforce capabilities in place had an easier transition and scaled more seamlessly. The most difficult part of the transition for many organisations wasn’t necessarily scaling for remote connectivity to data; it was determining how they would secure the data in all forms of use outside the perimeter of their facility. Challenges included employees using legacy hardware in their home networks with inadequate security in place, as well as the human element of fatigue and burnout. The threat landscape in this new working environment has changed compared to just a year ago. In addition to a vast increase in phishing email campaigns, filesharing applications have been exploited as well. These attacks are psychological as much as they are technological. Bad actors are banking on the idea that people will make mistakes. The transition to teleworking, as well as virtual schooling, has employees working harder and longer than ever before. Fatigue and burnout can be major factors in falling victim to phishing scams.
It isn’t all doom and gloom. There have been many benefits to transitioning to a remote workforce. Businesses have seen significant savings in the transition to teleworking and the adoption of cloud applications and collaboration tools. Employees have access to tools that are more efficient and make their jobs easier without having to leave the comfort of their own homes. Zero Trust is the next evolution of networking and network access. Cloud reliance will continue to increase the use of managed services, decentralised networks and micro segmentation, all of these principles making for a more secure network.