Raj Samani, Chief Scientist and Fellow at McAfee said ‘The pandemic has completely changed how we live, from the way we socialize to the way we work. With many of us spending far more time online from home, criminals have been quick to adapt their tactics – creating a whole host of new scams which businesses must be more aware of given the large numbers of staff still working remotely. The threat for businesses is also intensified by the fact that many employees are accessing work files and information from home across both corporate and personal devices. This is why the EU’s Cybersecurity Month is now more important than ever. The initiative serves as a reminder that everyone must remain aware of and be vigilant against cyber threats to avoid making it too easy for criminals to cash in on our data.
“With many businesses moving to cloud-based collaboration to enable the almost overnight shift to remote working, for example, organizations must recognize that securing data in the cloud is a shared responsibility that doesn’t fall solely on end-users. All stakeholders, from cloud service providers to businesses to the end-users themselves, have a role to play in this layered defense. By taking this collaborative approach, companies can rest easy knowing they are taking a critical step in meeting today’s complex security challenges.
“So, while businesses must educate their workforce on best practice such as reporting any suspicious activity, questioning whether a link is dodgy or thinking before accepting a stranger’s invitation to connect on LinkedIn, there is also an onus on the business themselves to build vital cybersecurity hygiene into all of their processes. Taking a shared responsibility approach to cloud and data security will help to ensure remote workers can be productive without compromising corporate information.”
Cybersecurity should be core to business strategy
Simon Chassar, Chief Revenue Officer, NTT Ltd. security division comments “As organizations adapt to new ways of working amid the global pandemic and, in turn, accelerate digital transformation initiatives, establishing cyber-resiliency has never been more important. That’s why this Cybersecurity Month, reinforcing the need for security to be a core business requirement, both to conduct business and navigate today’s increasingly complex threat landscape, is critical.
“By making cybersecurity core to their overall business strategy, organizations can effectively take steps to become “secure by design”. With this, they need to ensure security procedures, controls and policies are integral in all technology solutions and business process from the outset. These solutions need to be inherently secure and provide the latest cyber threat protection required for an organization’s operations. Whether a business’s digital transformation is migrating to the cloud, application development, leveraging the power of the IoT or integrating IT and operational networks, taking a “secure by design” approach is crucial for business continuity by identifying, responding to, and protecting against known and unknown threats and minimizing the potential effects on core assets.
“Cyber-resiliency also involves recognizing that security is no longer solely a technology or governance, risk and compliance issue. Instead, the whole workforce, including both technical and non-technical employees, should be a student of cybersecurity. This, coupled with taking a “secure by design” approach and making it central to the overarching business strategy, will not only ensure that organizations stay a step ahead of hackers, but also enable secure digital transformation and innovation.”
Homeworking has changed the nature of risk
Rodney Joffe, SVP and Fellow, Neustar commented:
“Whereas we typically used to see around 5 percent of employees working away from the office, this October’s Cybersecurity Month acts as a meaningful and timely reminder as to how dramatically things have changed. The sudden surge in remote working has had a profound impact on three significant areas – technical, social and security – with the latter still a cause for concern.
“While bandwidth has held strong, transitioning to a fully remote model has complicated the use of VPNs for businesses. Cyber criminals are very aware that the hardening of connectivity from a denial of service point of view hasn’t been done, and therefore see VPNs as a weak link. With 95 percent of the workforce logging on from home, DDoS attacks that are encapsulated in a VPN packet have become much more common.
“These attacks – which are made up of a certain structure and go to a given port – will only be revealed when the packet reaches the VPN server and is opened up, by which point it is too late to stop. In the interim, the sheer volume of traffic travelling through the VPN can cause the network to fall down.
“The very nature of VPNs is that they have to be encrypted all the way. You don’t, therefore, have the ability to use normal methods to examine whether the traffic running through a VPN is actually an attack. As such, organizations need to be able to keep track of the IP addresses for their home employees, as you know that this is likely to be valid traffic. Traffic coming from different IP addresses can therefore be treated with caution, as though it could be malicious.”
Keith Glancey, Systems Engineering Manager, Western Europe, Infoblox commented “We can no longer assume everyone is coming through the drawbridge, and need to secure the castle accordingly. Any recent report will tell you that cyberattacks have grown exponentially since the start of the pandemic. In the networking space, cyber criminals are taking advantage of industries stretched thin, like healthcare, and an explosion of insecure endpoints connecting to corporate networks due to remote-working.
“Networking is changing, and security has to change with it. As new ways of networking are here to stay, so are new points of vulnerability. For example, an organization may have assumed it was routing everyone through a drawbridge, now it’s added several windows, doors and bridges. Assuming that everyone still comes through the front door, despite all of these new points of access, makes you vulnerable.
“Cybersecurity Month in 2020 is unlike any other. The way we need to look at securing corporate networks today is vastly different from where we were a year ago. Rather than planning for the ‘post-pandemic’ landscape and a return to normality, organizations should be taking a step back and using this moment in time to invest in cybersecurity solutions that are fit for purpose in this borderless era of work.”
Education institutions are at risk
Paul Farrington, EMEA Chief Technology Officer, Veracode said “As the impact of the pandemic on the UK education system unfolds, schools and universities will be reviewing how they can provide socially distanced learning to futureproof the education of thousands of students. As such, developing a cloud-first strategy will be a priority for the sector.
“In light of Cybersecurity Awareness Month this October, I urge educational establishments to fine-tune their software development life cycle (SDLC). Our State of Software Security (SoSS) report found that of all industries, the education sector had the highest level of ‘security debt’. This means there are latent critical vulnerabilities within the applications used by education providers, which can be exploited by malicious parties. Pivoting to a new IT operational model provides app security teams with an opportunity to review the robustness of existing applications, while securing the development of new cloud applications.”
Operational Technology must also be secured
Eric Rueda, Segment Leader, Software & Connectivity EMEA, Eaton said “Cybersecurity Month all too often focuses on traditional IT security, with tips on how consumers can avoid falling victim to phishing scams or how businesses can secure critical applications from ransomware attacks. What is frequently missed is the lesser known, but equally as critical, issue of securing Operational Technology or OT. Information Technology is typically focused on transferring and storing critical information whilst OT typically controls the physical world. OT networks support building infrastructure that operates key facility systems such as lights, elevators, access control and heating and cooling systems. Such building infrastructures are commonly found in the commercial and industrial segments as well as in data centers. As more operational equipment is becoming reliant on IT to function, organizations are becoming more exposed to cybersecurity threats.
“Commonly we see cybersecurity relegated entirely to the IT team, however, as more technologies powering day-to-day operations of a business move online, many do not think they are exposed and have forgotten to secure their OT systems. This risks OT security falling between the cracks. Instead, it should be shared between IT and facilities managers.
“This Cybersecurity Month we urge organizations to start thinking not only about the attacker’s method but their objectives. For OT products, like temperature, humidity or motion sensors, Programmable Logic Controllers (PLCs) are harvesting and exchanging data, and whilst this might not be highly valuable data to a cybercriminal, OT can be used as a backdoor into IT systems which hold much more valuable information. For example, an attack on an emergency lighting system within a data center that successfully grants access to its entire network could bring the whole data center to its knees. Facilities managers need to work with IT teams to be sure that whatever equipment they purchase is closed and secured from intrusion attempts to make sure OT is not the weakest link in the security chain.”