Cybersecurity Gaps Magnified as Millions Work Remotely Due to COVID-19

SC Magazine | March 26, 2020

Cybersecurity Gaps Magnified as Millions Work Remotely Due to COVID-19
  • As the novel coronavirus escaped the confines of China, organizations learned their tools on hand were not designed or intended to work safely offsite.

  • The new working order has cast a harsh light on the limitations and safeguards of connectivity, required for business to function.

  • Pre-coronavirus, supervisors didn’t have to concern themselves with employee distractions. But now, employ focus is paramount.


Apply pressure to any system – and its weakness become apparent. COVID-19 has exerted the necessary pressure to test cybersecurity postures, exposing gaps – some of them yawning, some more subtle – as entire workforces have been ordered to work from home.


As the novel coronavirus escaped the confines of China earlier this year and it became increasingly clear large numbers of workers would have to hunker down at home, all eyes turned to an obvious potential weak spot – VPNs, which would surely sputter under the stress. But as the virus spread it has exposed additional security problems, ranging from the inability to do forensic tests and general upkeep on systems to granter higher level user privileges to staff to access systems remotely.


Organizations which previously did not have a distributed workforce quickly learned their tools on hand were not designed or intended to work safely offsite, via a VPN or over the internet, said Lisa Davies, head of corporate security at Redox, preventing security and IT teams from conducting even routine, but important, tasks.


Since many of the security controls and tools used by non-distributed companies depend on being on the local network, they cannot do [many] things remotely. These companies have found it more difficult to update, monitor logs etc unless the device is on the local network, so when employees take them home, they are in the dark

- Lisa Davies, Head of Corporate Security, Redox


Company equipment left behind as workers fled has languished unmonitored, their vulnerability magnified as employees, outside the sight lines of security teams, connect their own, unsecure devices to company assets.Organizations must “monitor inactive company devices, as possible indicators a device has an issue, or a remote worker may be tempted to use personal technology,” said Davies. “This goes hand-in-hand with technical controls preventing non-company devices from accessing sensitive information.”


READ MORE: Protecting against cybersecurity threats when working from home.


The new working order has cast a harsh light on the limitations and safeguards of connectivity, required for business to function. Existing protocols simply are not sufficient, said Luke Willadsen, security consultant, cybersecurity services and solutions firm EmberSec.


It appears support for multifactor authentication has been a lot of talk and not quite as much action. Many companies apparently haven’t required it to connect to the network then disable the work computer’s ability to take a screenshot of the window containing the remote/virtual desktop on the host computer, Willadsen said. That needs to change quickly.


“Don’t let any data pass between the machine originating the connection and the remote/virtual desktop,” Willadsen said. Security teams can bridge this gap by disabling “the clipboard and shared drive access between the origination host and the virtual/remote system,” he said, noting “we don’t want a single byte of information to be exchanged between the two hosts (aside from the network connection that facilitates the session).”



That will prevent “the introduction of malware into your network and it prevents employees from exfiltrating confidential or proprietary files,” he said.


Pre-coronavirus, supervisors didn’t have to concern themselves with employee distractions – children running around, barking dogs, fears of a deadly virus’s spread or many other things occurring in a normal household. But now, employ focus is paramount.


Workers be reminded to stay focused and that security policies put in place to protect corporate information are still in place, especially in a world filled with phishing emails designed to prey on those now operating in a busy and confusing world.


They should also build mechanisms to reinforce such policies in the moment they most need to followed – for example within the context of an email asking for financial action or confidential information – so that users can make informed decisions before interacting with suspicious emails.

- Matt Petrosky, Vice President of Customer Experience, GreatHorn


By providing employees with reminders about policies when it matters, companies can significantly reduce risk for their remote workforce.


READ MORE: The coronavirus is already taking effect on cyber security– this is how cisos should prepare.

Spotlight

Critical infrastructure owners and operators have managed
industrial risk for hundreds of years. This risk is usually
measured in impact to health, safety, and reliability. As these
industrial systems become increasingly digitized, so does
the risk. What were once seen as isolated, manual processes
have become reliant on communication networks and digital
devices. 

Related News

Arceo.ai Adds CJ Pruzinsky to Its Team of Cyber Insurance Experts, Strengthens Cyber Security Risk Capabilities

Arceo.ai | July 17, 2020

Arceo.ai, a cyber risk analytics company that empowers enterprises to better identify, respond to, and recover from cyber risks, continues to grow its team of senior cyber insurance experts to enhance the services and solutions it delivers to the cyber insurance industry. Charles J. "CJ" Pruzinsky, an experienced cyber underwriting executive, has joined Arceo as Executive Vice President and Chief Underwriting Officer for its U.S. operations.Before joining Arceo, Pruzinsky was responsible for managing the Northeastern operations at Beazley Group, based in New York. Prior to Beazley, he held senior underwriting positions at American International Group, where his responsibilities included building out AIG's Midwestern U.S. regional capabilities.

Read More

DATA SECURITY

Strong customer growth and recruits continue to increase security Notable security sales executive to scale rapid expansion

businesswire | December 17, 2020

Elevate Security, the first human risk management platform of its kind, today announced the appointment of security sales expert, Carolyn Hieken as Vice President of Sales to join its executive leadership team. Hieken will spearhead Elevate Security’s strategic growth objectives further expanding customer impact to improve the way security teams measure, communicate and reduce employee risk. “Carolyn is a powerhouse and brings more than 25 years of security and technology sales experience to Elevate Security,” said Robert Fly, CEO, Elevate Security. “Her proven expertise in developing Fortune 1000 enterprise partnerships and growing teams is the exact talent we needed to expedite Elevate Security’s expansion.” Elevate Security recruits Hieken on the heels of a successful series A1 investment round. Despite the COVID-19 pandemic, Elevate Security has doubled its customer base since the beginning of the year. As Elevate Security achieves continued customer growth, so does the company’s measurable impact on security resilience - Elevate Security reported influencing more than two million positive security decisions across the installed base resulting in prevented incidents and proven improvement to cyber resilience. “Elevate Security is solving the security industry's greatest challenge which presents tremendous expansion opportunities. The Elevate Security team has established solid success to-date, and I am excited to further scale and accelerate our impact to help more organizations optimize their security technology spend, reduce employee risk and improve their overall cyber resilience,” said Hieken. Hieken brings more than 25 years of technology and security expertise to the Elevate Security team with previous leadership roles at McAfee, Imperva and CA Software. About Elevate Security Elevate Security, the leader in Human Risk Management software, helps security leaders in enterprises measure, reduce and communicate human risk to keep their companies safe from cyber threats. One of the most challenging aspects of building a cybersecurity program is the human risk component. Elevate Security provides a way to quantify this human risk across the entire organization using security incident data that is already available. Quantifying human risk and analyzing it as part of an overall cyber risk framework provides unique insights to the Chief Information Security Officer (CISO). Armed with this insight, CISO’s are in a much better position to optimize their security technology spend, focus their monitoring and detection capabilities on the high risk groups and strengthen their overall cyber defense strategy. Medium and large enterprises across industries, from financial services, technology, healthcare and more, have benefited from increased cyber resilience by incorporating Elevate Security into their security infrastructure.

Read More

DATA SECURITY

ProtectedBy.AI to Launch a unique Defence system Against Cyberattacks

ProtectedBy.A | June 09, 2021

A world leader in artificial intelligence driven solutions, ProtectedBy.AI, is launching CodeLock. This has been designed as its patented revolutionary approach to prevent insertion attacks that may occur in a software supply chain. The recent cyberattacks with Colonial Pipeline, with SolarWinds, and JBS have destroyed many organizations globally. Globally, including the attacks on multiple U.S. government agencies could have prevented by using CodeLock™. CodeLock™ has the competence to stop the most dangerous and latest criminal malware. CodeLock's™ revolutionary approach creates an inviolable network of security sensors that can be embedded into any software running on an organization's servers and systems. CodeLock™ perfectly protects each line of produced code. From minor utility functions to multi-million-character functioning systems, CodeLock™ can save any software from attacks and threats. The two primary dimensions of CodeLock™ are a Developer Interface and an Alert Monitor. According to president and co-founder of ProtectedBy.AI, Brian Gallagher, creative new forms of cyberattacks, ransomware, and malware are becoming more and more common globally. He also said that they have created a defence technology for automating detecting process of an attack. CodeLock™ is becoming a critical component in making all the organizations cyber safe. About ProtectedBy.AI ProtectedBy.AI makes solutions that protect and advance the security and economic objectives of countries and companies incorporating human intelligence in it. ProtectedBy.AI is well known in providing effective solutions and has served a wide range of organizations such as Central Intelligence Agency (CIA), Department of Homeland Security, and United States Department of Defence.

Read More

Spotlight

Critical infrastructure owners and operators have managed
industrial risk for hundreds of years. This risk is usually
measured in impact to health, safety, and reliability. As these
industrial systems become increasingly digitized, so does
the risk. What were once seen as isolated, manual processes
have become reliant on communication networks and digital
devices.