This year has seen a lot of disruption, and thanks to COVID-19, businesses of all shapes and sizes have faced increased financial pressures.
At the same time, we have seen a substantial spike in cyber-attacks — mainly using social engineering methods like spear phishing. We have seen identities stolen, and both directors and executives being directly targeted.
According to the National Cyber Security Centre, more than a quarter of all cyber incidents detected in the UK over the past year involved hackers exploiting the coronavirus pandemic. From fake emails promoting protective equipment and testing kits to phone calls from ‘HMRC’ offering business loans, there have been thousands of attempts to trick internet users.
The shift to remote working
As entire workforces have suddenly shifted to remote working, the pandemic has exposed a lot of failures in organisations’ cyber security strategies. The problem with this new way of working is that most existing IT security strategies were designed with the physical office space in mind. But now, remote employees are outside the additional security layers of the corporate network, creating security anarchy for CISOs and CIOs.
Home wireless networks are rarely as secure as corporate networks, yet the majority of the population — including senior team members and those with privileged access — are currently working from home. So, is it any wonder we are seeing a massive increase in hacking and attacks against organisations?
The network security platforms and other corporate-deployed security stacks you would expect to see in an office environment simply do not function properly with a distributed workforce — leaving companies open to attack.
And without adequate protection, everyone is vulnerable.
The irony is that even those companies that have made a business around COVID and excelled this year are still being attacked. No matter if you are a small, big, failing or booming company, nobody is immune.
A double-edged sword
COVID-19 has also highlighted many of the budgeting failures in information security. Some companies, in knee-jerk purchases, have spent thousands on fancy new tools without considering what they actually need or taking the time to train staff in using them correctly. As a result, they are seeing a poor return on investment (ROI) and creating a false sense of security. Others are spending nothing and realising the consequences.
With economic pressures mounting, cyber security spending is likely to go down even further. But although we may all be hunkering down, hackers are relentless and out in their droves. Now is not the time to cut back on cyber security.
For organisations, this creates a predicament at a time when everything they spend should be driving profits. Do they reduce costs in order to survive (and keep their fingers crossed that they do not get attacked), or do they invest in long-term preventative solutions?
No one likes spending money because something might happen. But if you had a couple of broken roof tiles that could potentially lead to a flooded house, you would fix them — right? Cyber criminals will exploit any sign of weakness to find a way in, so it is vital to plug the gaps.
The other thing to consider is that the impact of COVID is likely to have an enduring impact on patterns of work. Companies are realising that, in some circumstances, staff no longer need to be based permanently in an office. Future security strategies (and subsequent investment decisions) will, therefore, need to reflect that.
Keeping attacks at bay
One of the quickest ways to reduce spending is, of course, to get rid of redundant tools. But rather than focusing on reducing spending, businesses should instead be focusing on maximising their ROI — getting the most (and best) out of their money.
Less costly activities can help by focusing on processes, improvements, customised training and awareness around the changing dynamics and new ways of working introduced by COVID-19. To boost effectiveness and efficiency, measures should also be put in place to make the best use of advanced technologies.
For example, One Identity and Clear Skye’s identity and access management (IAM) tools can help organisations control access to systems and data, which is especially crucial when so many users are working from home and at high risk of attack.
Systems and network monitoring capabilities — such as those from Cyberint, Fidelis and CyGlass — can also provide a better understanding of the threat landscape. SCADAfence’s offering is also particularly good at monitoring systems within a manufacturing environment. Unlike traditional monitoring tools, which can only detect what they have been taught, these capabilities use AI and machine learning to spot and flag anomalies and enhance security.
Similarly, Okta’s Identity Cloud learns users’ patterns and behaviour whilst working — turning the way they work and the times they work into a biometric fingerprint. If something changes, the tool raises a red flag and requires authorisation through a token which only the individual has — helping to prevent attackers from elsewhere from hacking the account.
To find out about Burning Tree’s consulting services, contact us at info@burningtree.co.uk or call 01252 843014. We can advise you on the most effective processes and technology controls to protect your business whilst working from home.
