Cyber Security in the challenging time of Coronavirus

Author: Amit Ghodekar, Sr. Vice President & CISO, Motilal Oswal Financial Services Ltd

Background to the Challenge

Coronavirus or COVID-19 has now emerged as a gigantic problem in today’s time, and almost every country has now become vulnerable to it. Every day, new cases from across the world are coming up where the Coronavirus infection is being confirmed and thousands of people have lost their lives. While governments across the world have put down a lot of policies and procedures to fight against the epidemic, organizations across the world are creating business continuity planning so that their workforces can remain safe without productivity getting hammered.

The Role of Technology in Business Continuity Planning and Work From Home Mode

Technology is playing a key role here and to no-one is surprise the bad actors in the world are also ready to exploit the opportunity. Already lot of reports have come in, stating phishing emails named ‘safeguard against Coronavirus’ or ‘COVID-19 compromised thousands of systems across the globe’. This was not the only thing - since now the hackers have realized that most organizations will activate their BCP through WFH (work from home)mode, they are working on how they can exploit large institutions.

Any BCP policy gives utmost priority to human life so for many institutions in the world, while they have activated the BCP considering safeguarding human life, the best possible thing is to give access of systems and allow ‘’work from home’’ (WFH). While institutions are taking these actions three things immediately come apart from safeguards for human life in technology. These are secure email communications, well established BCP & tested work from home systems.

Protecting Data

Apart from that most crucial thing which any institution should look at is Data Security while access is given, and system controls in place while access is given to third parties. We have seen in the past that in most of the data breaches across the globe mostly third parties were the culprits, hence special attention and controls are required when access is given to third parties.

However, the core of the work from home, or WFH policy is the data which the end users are going to access. Organizations need to take the utmost care while their end users are going to access the crucial data of the organization from outside.

The organization should have proper controls in place to safeguard the data in rest and data in motion.

An effective Device Control Policy such as not giving USB access or even powerful controls such as data loss prevention for end points as well as mobility devices is a must-have control in this scenario.

Threats to Endoints in WFH Mode

Now comes the most important aspect of the WFH, and that’s the endpoints. The world is witnessing its highest level of attacks on end points during last 2/3 years and end points are the ones which get compromised first. Hackers are using sophisticated techniques such as advanced persistent threats (APTs). These APTs remain in the systems for many days in stealth mode and once activated they steal the data or compromise the systems. Since the end users are going to remain outside of the office environment, one has to carefully evaluate and implement an endpoint security solution which can effectively tackle any threat, especially when now the users are not going to remain in your network.

Conclusions

In a crisis situation, when the majority of the workforce will remain off premises, cyber security will be challenged like never before and the cyber security professionals across the globe will need to be on their toes all the time. There is no doubt that hackers will try to utilize their agenda, and the effective monitoring of Security Incidents, effective monitoring of Security Operation centers and taking timely actions on the alerts will be the savior. Apart from that, one most important thought which also requires special attention is that of access control.

Hackers have started utilizing the Coronavirus or COVID-19 event by spreading phishing emails and many users fall pray to it, hence an effective e-mail security which can identify malicious or phishing emails will be the need of hour along with end user awareness about cyber security also playing a key role. Special awareness about how to use systems securely while work from home mode is active needs to be communicated to users effectively.

Finally, this NIST issued a special publication - A Guide to Enterprise Telework, Remote Access and Bring Your Own Devices (BYOD) Security - some time back, which might be a good read in today’s climate for every Cyber Security professional, at a time when Cyber Security is witnessing a grave challenge in the Coronavirus, or COVID-19.

Follow Us