Top 5 cybersecurity recommendations amid the COVID-19 pandemic

April 1, 2020

Industries have seen a sharp rise in cyberattacks even as the COVID-19 pandemic continues, including cyberattacks focused on health care using spear-phishing and ransomware, impersonation attacks combined with business email compromise (BEC) targeting financial systems, supply-chain cyberattacks, and distributed denial of service (DDoS) cyberattacks on the energy, hospitality, and travel industries.

By Doug Davidson

With the spread of COVID-19, demand for information technology support services has increased across nearly all industries as employees, students, and others worldwide work remotely.

As a result, nation-state and criminal cyberattack groups are taking advantage of the situation to target cyber vulnerabilities.

Even as firms across all industries are learning to operate in this dynamic environment, a focus on cybersecurity is important to help prevent a successful cyberattack from further impacting company operations.

Cybersecurity recommendations

To reduce the probability of a cyberattack or significant data breach and mitigate the negative financial and reputational impacts, the following cybersecurity recommendations are applicable to all industries.

Create an organizational culture of cybersecurity

Ensure the C-suite consistently promotes and supports employees’ practice of safe cybersecurity behavior via a comprehensive cybersecurity awareness, education, and training program, with an emphasis on guarding against spear-phishing campaigns. Raising awareness during this time period is critical because remote employees are often working with less security protection than when they are in the office. That makes them more exposed and a prime target.

Harden new network components

As firms have moved literally overnight to network architectures that support social distancing through remote working, key vulnerabilities have likely been introduced. The following steps will help protect the network:

– Ensure remote workers are accessing company resources using VPN technologies.
– Ensure that no remote desktop connections are in place; instead use a remote viewing program like AnyDesk or TeamViewer.
– Ensure visibility and monitoring for remote connections, including those of employees, contractors and others with access to company network resources.
– Routinely monitor and audit email accounts and automated email rules, especially in cloud email platforms such as G Suite and Office 365.
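One way to carry out the audit of automated email rules from the last item above, shown as an added example that is not part of the original article. The rule records are constructed sample data, and their field names, the company domain and the keyword lists are assumptions, not the schema of any real mail platform.

```python
# Added example: flags inbox rules that match patterns common in business email compromise.
# All field names below are hypothetical; map them from your mail platform's rule export.
COMPANY_DOMAINS = {"example.com"}  # assumption: the organization's own mail domains
HIDING_FOLDERS = {"rss feeds", "rss subscriptions", "conversation history", "junk email"}
FINANCE_WORDS = {"invoice", "payment", "wire", "bank", "remittance"}

def external_recipients(addresses):
    """Addresses whose domain is not one of the company's own."""
    return sorted(a for a in addresses
                  if a.rsplit("@", 1)[-1].lower() not in COMPANY_DOMAINS)

def audit_rule(rule):
    """Return the reasons this inbox rule deserves review (empty list if none)."""
    findings = []
    ext = external_recipients(rule.get("forward_to", []) + rule.get("redirect_to", []))
    if ext:
        findings.append("sends mail outside the company: " + ", ".join(ext))
    hides = rule.get("delete", False) or rule.get("move_to", "").lower() in HIDING_FOLDERS
    keywords = {k.lower() for k in rule.get("subject_contains", [])}
    if hides and keywords & FINANCE_WORDS:
        findings.append("hides finance-related mail from the mailbox owner")
    elif hides and not keywords and not rule.get("from_contains"):
        findings.append("deletes or buries all incoming mail")
    if not rule.get("name", "").strip(". "):
        findings.append("blank or punctuation-only rule name")
    return findings

def audit_mailboxes(rules):
    """Map (mailbox, rule name) to findings, for rules with at least one finding."""
    report = {}
    for rule in rules:
        findings = audit_rule(rule)
        if findings:
            report[(rule["mailbox"], rule["name"])] = findings
    return report

# Constructed sample export: two suspicious rules and one ordinary one.
SAMPLE_RULES = [
    {"mailbox": "ap@example.com", "name": ".", "subject_contains": ["Invoice", "payment"],
     "move_to": "RSS Feeds", "mark_read": True},
    {"mailbox": "cfo@example.com", "name": "backup",
     "forward_to": ["cfo.archive@mail.example.net"]},
    {"mailbox": "dev@example.com", "name": "Build alerts",
     "from_contains": ["ci@example.com"], "move_to": "Builds"},
]

if __name__ == "__main__":
    for key, reasons in audit_mailboxes(SAMPLE_RULES).items():
        print(key, reasons)
```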

Conduct cyber diagnostic assessments

Performed on a regular basis, these assessments find weaknesses before an attacker does. They include email assessments, spear-phishing campaigns, vulnerability scanning and penetration testing.

Conduct 24/7/365 monitoring, detection, and response (MDR)

It is essential to continually monitor, detect, and respond to all cyber incidents, including any relating to your company’s email system, network, software applications, and information system endpoints, using advanced security information and event management (SIEM) software, data visualization tools, automation, and artificial intelligence (AI) capabilities.

Plan for more bad news, both from cyberattacks and other events

Establish a cyberattack incident response plan: Develop and periodically test an enterprise-wide, well-coordinated information system incident response plan to quickly identify, contain, eradicate and recover from cyberattacks. Inform employees of their role in reporting incidents and consider extending grace to those who make mistakes but quickly report them.

It’s also important to ensure information system resilience. Review and test existing enterprise-wide business continuity plans (BCP) and disaster recovery plans (DRP). If no plan is in place, implement and test an enterprise-wide BCP and DRP.

GBQ’s information technology services team helps clients develop plans about how to be resilient in the face of a cyberattack or other business risks.

GBQ has been a top tax, accounting and consulting firm for more than 65 years. GBQ IT Services is one team of builders, breakers, operators and auditors with access to a consortium of 50 experienced IT, cyber and assurance professionals delivering IT risk, cybersecurity and productivity solutions.

Doug Davidson, CISA, is the director of information technology services for GBQ. Davidson joined GBQ in 2016, bringing 30 years of experience working with technology and technology leadership in companies ranging in size from innovative, emerging businesses to Fortune 500s.

Source: bizjournals

 
