COVID-19 and remote work introduced a wealth of new threat actors, vectors, and surfaces. Without an updated cyber strategy to reflect the work from home circumstances, you may have provided an opportunity for threat actors to capitalize on the current crisis and gain access to your systems and data.
Fundamentally, your cyber strategy should be based on threat-informed risk analysis that allows you to prioritize people, processes, and technology spend to address those risks mitigations that are the most significant, protect the organization’s most critical assets, and provide the greatest return on investment. The challenge is that this strategy is only successful when you continually assess and update your risk universe to reflect the threats that pose the biggest dangers to your organization, including those newly introduced by COVID-19 and remote work.
Keys to a Successful Cyber Strategy1. Develop or update your existing threat model to incorporate emerging threat actors and vectors taking advantage of the COVID-19 environment.
The first step is understanding your current architecture, existing weaknesses in your processes and technologies, and where your most critical data (i.e., your “crown jewels”) live. Then, you must review the threat intelligence to understand what risks exist and evaluate how they can be mitigated by leveraging your existing people, processes, policies, and technologies.
Lastly, test. Iterate through your threat model with high-risk threat scenarios to understand how resilient your organization is. If you identify weaknesses, discuss them with stakeholders and prioritize remediation.
2. Develop, deploy, and manage training and awareness, including phishing campaigns, tailored to COVID-19 threat actors and vectors.
Global reports indicate that malicious actors increased attempts to gain unauthorized access to sensitive data, particularly through phishing campaigns spoofing COVID-19 related emails, websites, and attachments from seemingly reputable sources. Forbes listed a multitude of common coronavirus-related phishing attempts and other scams but warned that there are likely “millions more in the shadows.” Without proper protections and awareness, your employees may fall victim to these scams and unwittingly expose company resources and highly sensitive personal data.
Simulated phishing campaigns and phishing awareness refreshers can help users better identify malicious emails. Companies should enhance the detail of their phishing training and send regular reminders about how to report attempts.
Finally, pointing employees towards a single source of truth, such as a shared folder or webpage containing relevant COVID-19 announcements made by leadership, can provide a way for associates to fact-check information and better spot an attempted phish.
3. Implement enhanced email filter and quarantine capabilities to block malicious messages before they ever reach your workforce.
Most email providers have these capabilities built-in, allowing email administrators to adjust policies and settings to address increased security needs. Adjusted policies may initially block legitimate mail, so administrators should review quarantined emails to ensure minimal disruption to normal email traffic.
Interested in learning more about managing post-pandemic risks and requirements?
Download our guidebook for a roadmap for leaders to decisively deploy actions that correspond to the shape of the future state economy, all while mitigating new and emerging cyber and operational risks.