At this point, most organizations have successfully transitioned employees to work remotely, re-baselined normal and are getting back to security as usual if not business as usual. The group of 19 CISOs we convened earlier this week shared the positive outcomes they are seeing, and today we’ll talk more about how the crisis shines a light on other opportunities to further enable the business in tandem with security best practices.
Securing the Supply Chain
As organizations are re-visiting baselines and policies, gaps in the security of 3rd party vendors and suppliers have become evident–both from the perspective of data privacy and security as well as securing physical assets. To shore up supply chain security you can:
- Inventory all third parties with whom information or equipment is shared. Organizations with a comprehensive inventory are less likely to experience a breach.
- Evaluating security and privacy practices of all third parties. Supplement contractual agreements with audits and assessments.
- Consider reporting on the effectiveness of third-party risk management programs. Adding third-parties as a consideration of your overall security metrics and reporting ensures it won’t become an afterthought during a breach or crises.
Digital and Cloud First Becomes Reality
Cloud-born tools seamlessly accommodate shifts to deliver a secure remote working experience, and enable ecommerce only models, while legacy tools require significant re-configuration and babysitting. Our panelists see COVID-19 as the catalyst for this accelerated move to the cloud. They welcome this opportunity to provide greater flexibility and efficiency to their organizations and lead the technology selection, policy and program definition to truly secure the cloud. We recently shared best practices for increasing visibility across SaaS and cloud applications.
New Context, Same Tactics.
It’s been well documented that phishing attacks are on the rise as some workers begin remote work for the first time. On the user end, the messaging has changed to revolve around COVID-19, but on the back end, security teams aren’t seeing much change in the tactics, techniques and procedures (TTP), with the goal of continuing to spread Trojan backdoors and Ransomware.
Employees are your first line of defense. Ensuring all remote users have security awareness training should be a top priority. Don’t have a full blown program? Here’s a few quick tips:
- Always verify email senders to ensure they are who they represent themselves as.
- Always verify URLs to ensure they match the hyperlink and appear legitimate.
- Never open unsolicited attachments.
- Never send sensitive information in response to unsolicited emails.
- When in doubt, ask your security team
Re-establish baselines to track metrics going forward around network and endpoint activity, user behavior, and suspicious or confirmed phishing emails and ensuring controls in place to detect and protect against these threats. Be prepared to re-baseline again as we go in and out of shelter in place, and shift future workplace rules.
Practice principles of least privilege. Over time, we often set administrative privileges and may not audit or change permissions as roles change in the organization. Ensuring least privilege principles are in place helps to minimize risk and ensure your organization meets compliance regulations.
The net is: remain calm, set weekly or bi-weekly goals and come together as a team to celebrate the successes. Continuous improvement and teamwork–that’s how you make security possible.
Check out the rest of our COVID relevant content, including sample use cases and searches to apply and optimize in your own security environment.