Covid-19 has drastically changed our lives in terms of daily routine, work culture, and student life, as we are all working from home. Many organizations never thought about this situation and never prepared a business continuity plan. Organizations never expected to wait until 2021 or beyond for employees to return to work.
For IT organizations, schools, and universities, protecting against data breaches and mitigating risk is a major challenge. During lockdown, phishing, ransomware, and malware attacks increased in all industries because of insufficient security planning. Remote working (work from home) has now started as a new trend because of the efficiency of the work. Organizations assume that end users deliver more than they do during office hours.
In this situation, security will be the main concern, and each organization should improve its detection, mitigation, and alerting capabilities for remote workers. Here the Security Operations Center teams play a vital role.
A survey report by AT&T in June, covering 800 cybersecurity professionals across the UK, France, and Germany, reported that 88% felt they had to implement WFH with less preparation, and 55% now feel that WFH or remote working is making companies vulnerable to cyberattack. For organizations with over 5000 employees, it is 70%. The survey also says that 48% are anticipating digital business transformation and a move to cloud implementation.
Here are the major points any organization needs to focus on post-Covid-19:
- Improve BCP (business continuity policies) and remote working policies.
- Take the risk assessment seriously and revise it.
- Remote VPN and RDP have to be implemented in a more secure manner to prevent exposing data.
- Focus on the cloud security implementation plan, as everyone is working from home. In such a crisis, the CISO needs to deliver services from the corporate office to the cloud, then to the home, and from home to the cloud, in a secure manner.
- The AAA model should be updated and made more secure: Authentication (who are you), Authorization (what resources you can access), and Accounting (what you have accessed, at what time, and by whom).
- The Security Operations Center needs to be more aware and active around the clock.
- Set a strong policy to protect end users during work from home, which can include DLP, VPN, endpoint protection, proxy, etc.
- Conduct user awareness training to prevent social engineering attacks like phishing and to build strong password hygiene. According to the FBI, cybercrime reporting jumped 300% after the start of Covid-19. In the new culture (work from home), users are unaware of security measures and companies are struggling to protect remote services. It is an important task for any organization to train end users and make them aware of cyber security.
- Focus on insider attacks, as employees can be unhappy because of extended working hours, workload, and no hikes or promotions. Auditing activity is important and can be achieved with IAM (identity and access management) and privileged access management tools. During COVID-19 it is very difficult to track what users are doing with data.
- Use network segmentation for access to the organization's apps or services.