Table of Contents
Covid-19 has changed our lives forever and the same can be said for our work habits. The pandemic has highlighted (if confirmation were still needed) the extreme vulnerability of traditional cybersecurity systems. Systems that must necessarily be revised to be more consistent with the new online business models and remote working methods.
Leading experts in security and risk management (SRM) today face an extremely dynamic environment in which threats to data integrity and business continuity multiply. In this time of heightened uncertainty, an approach that emphasizes resilience is recommended and directs risk mitigation efforts to protect the extended perimeter, thus also contemplating autonomous and intelligent cyber-physical systems and remote workers. Deloitte experts advise CISOs to work on these five aspects in particular:
The impact of a global pandemic such as that of Covid-19 was not included in most business continuity plans. Over the past few months, the need has matured in CISOs to promote a broader concept of cybersecurity, which evolves from regulatory compliance to merge with that of cyber resilience. In this epochal transition, a central role is entrusted to Managed Security Service Provider (MSSP).
Based on the evidence, according to Gartner experts (“Covid-19’s impact on security”) to suggest how to better protect against cyber risks in the era of Covid-19. Here, then, are the 5 areas on which CISO and SRM leaders will have to focus in 2021 to ensure maximum business resilience in a pandemic period
In a pandemic scenario where the Incident Response Team operates in a completely remote or mixed mode, the old response plans could be completely ineffective. Failure to adapt incident response protocols to operational conditions altered by pandemic health management could seriously compromise the organization’s ability to cope with the most mundane cyber incidents. Gartner suggests cybersecurity leaders take some precautions:
There are many company-owned devices that, even today, are mainly used outside the office environment. Many organizations have opted for full smart working and even public administrations are gearing up to offer their employees the opportunity to work remotely for at least 50% of their time. These new routines force the CISO team to pay particular attention to some precautions:
The home environment can be a source of distraction for the employee who works in smart working. This in many cases has ended up making remote workers more fragile and susceptible to social engineering attacks in which cybercriminals exploiting user anxiety, fears, and poor attention to gain access to corporate accounts and, from there, exfiltrate data or block the operation of the organization’s IT systems.
CISO and risk managers will therefore have to adopt some useful measures to keep employees’ attention in a smart working high regarding the dangers of social engineering.
If cybersecurity operations are optimized to monitor events in a standard environment, moving to a predominantly remote operating model can pose a risk of major gaps. Those responsible for cybersecurity and risk management should take some steps to ensure that the organization’s security monitoring tools and capabilities are configured to provide maximum visibility into new extended operating environments:
With the progressive spread of smart and connected devices, attacks on cyber-physical systems are also growing. Risk mitigation activities, in these cases, must be directed towards the objective of ensuring maximum protection of the operating (OT) and IT (IT) systems through a plurality of interventions:
The ability to guarantee operational continuity even in the face of a scenario, such as the pandemic one, which presents increasing complexity, today represents the main cybersecurity challenge for CISOs. More and more companies have opted for a more “intelligent” security management, which uses Big Data Analytics, Artificial Intelligence, and Machine Learning technologies to promptly identify, indeed as far as possible, “predict” anomalous behaviors and suspicious traffic volumes.
An approach that ensures the ability to quickly isolate compromised endpoints by blocking the spread of an attack in the bud, to minimize damage to the image and downtime, ensuring the cyber resilience that is essential today for business survival.
Cyber resilience that many companies opt for a “managed” security concept by delegating the burden of protecting their data and critical assets to one or more partners, even completely outsourcing the management of entire SOCs (Security Operation Centers). In this case, all information on the state of a company’s IT security will be centralized in the infrastructure of the Managed Security Service Provider (MSSP), making the most of the advantage of working with constantly updated people, processes, and technologies to optimize different activities:
Collection and skimming of traffic and event data obtained from security systems, networking equipment, endpoints, and servers, operated through SIEM (Security Information and Event Management) platforms. Comparison of the alerts generated by these systems with context information (new vulnerabilities, ongoing attacks, new threats…) and detection of anomalies.
Analysis of information on anomalous events and IT assets involved, definition and coordination of all remediation activities useful for remedying weaknesses by suggesting interventions to be carried out on security systems.
Some SOCs can carry out a proactive analysis of vulnerabilities, verifying the resistance of applications, networks, databases, but also individual endpoints, to a possible attack, through penetration tests.
Behavior Analysis Automated behavioral analysis of users, through machine learning and artificial intelligence algorithms and, more generally, tools and protocols capable of promptly identifying traffic anomalies and discrepancies with respect to “normal” behavior, alerting security operators.
Production of security bulletins, reports, and insights on new threats and vulnerabilities, based on information obtained through cyber intelligence activities.
Also Read: Reducing The Environmental Impact: How Can a Company Do It?
Unlock Audio Effortlessly With The Best YouTube Audio Ripper Tools Description: Discover how to use…
If you enjoy Dungeons & Dragons (D&D), you have come across many tools to improve…
The existence of several accounts in miscellaneous social networks allowed me to understand that one…
Introduction Access to new technologies and artificial intelligence has become vital in today's digital era.…
Google Chrome is the most used browser today due to its speed, reliability, and versatility…
Staying relevant in the dynamic digital environment is impossible. Besides influencers, small business owners, and…