The sudden and devasting onset of the novel Coronavirus has left the whole world reeling and nearly every industry scrambling. Cybersecurity teams serving enterprises of every size have experienced significant changes to their landscape including protecting remote workforces, facing an onslaught of new threats, and managing tight budgets and dispersed teams.
Many, many businesses experienced the mass and immediate departure of their workforces from their physical campuses. The security afforded from housing computers and other work devices on secure networks and physically monitoring employee activity on those devices vanished overnight in some cases. Instead stressed employees with varying levels of technical competency are accessing work data from offsite.
A joint statement from UK (NCSC) and US security (CISA) agencies made on April 8, stated,“the agencies have detected cyber criminals scanning for vulnerabilities in software and remote working tools as more people work from home during the pandemic.” Cybersecurity teams are being faced with the combination of savvy, opportunistic attackers preying on vulnerable employees and widespread use of untested remote work systems.
Constant vigilance by agile security teams working at the highest possible efficiency is the solution; however, achieving that level of work is no walk in the park (which is also off limits in these strange times!) Fortunately, “Cybersecurity, CIOs reported,” in a mid-March survey done by Adobe and Fortune, “is a top priority for many organizations, with seven in 10 anticipating increased financial investments.”
An isolated population anxious for information and solutions and working remotely is the ideal prey for cyber wolves. The Federal Trade Commission (FTC) shared in a recent report that “scammers have raked in about $12 million running Coronavirus-related scams.” And that’s just since January. Both individuals and businesses are at high risk of falling victim to costly attacks, partly because of the openings afforded by the sudden remote working environment.
From phishing and identity attacks to malware and hacking, the threats are varied and global in scale. The current environment just offers cybercriminals so many channels to exploit. Many of which relate to the virus itself. The World Health Organization and the Centers for Disease Control have both been hacked and impersonated in scams. With the most trusted COVID-19 information sources compromised, what are already unprepared and overtaxed cybersecurity professionals to do? Ilia Kolochenko, founder & CEO of web security company ImmuniWeb, says, “Employees’ security awareness programs, and IT asset discovery and management top the emergency To-Do list, being indispensable to secure businesses amid the havoc.”
It’s not just the general employees working from home, the security teams themselves are also suddenly dispersed while working overtime to manage the explosion of threats. To top it off, with the economic shutdown, budgets are in jeopardy in even the most vital departments. While 40 percent of CIO’s anticipate increasing headcount in cybersecurity, many teams are going to have to perform in top form with less support.
Those same CIO’s report communication as the biggest challenge with a remote workforce. Maintaining communication among team members and achieving a centralized view of their organization’s security posture will be high priority and a significant challenge facing security teams specifically.
In the chaos of this global pandemic, enterprise security teams need options to help them make the most of every resource. The PlexTrac solution is a software platform focused on streamlining the reporting and remediation of cybersecurity risks and aiding efficient collaboration within security teams. Supporting organizations using a purple teaming paradigm, PlexTrac serves as the central communication hub to aggregate all of the components of an organization’s cybersecurity program.
Is your organization prepared to navigate the COVID-19 landscape?