How organisations can ensure cybersecurity in the new world order

The Covid-19 pandemic has literally forced companies globally to be agile enough to adapt to technology like never before. Companies, big and small, have survived the pandemic and maintained business continuity by going remote.
Many large global companies, from Google to TCS, announced indefinite work-from-home policies to ensure the safety of their employees, even as their businesses continue without any disruption on the back of planning and investment in technology.

While the threat has been staring everyone in the face for quite a few years now, it was only during the pandemic that companies started taking cybersecurity more seriously, as remote working became the new normal. Work from home (WFH) also meant employees taking home company devices containing critical and sensitive data. As a result, these devices were exposed to the prowling eyes of hackers and cybercriminals trying to steal sensitive data and extort companies for ransom.

The most common and widely witnessed forms of cyberattack during the pandemic were e-mail scams, phishing and ransomware messages offering information related to the COVID-19 situation. Over the past six months, there has been a massive spurt in such attacks across various industries, with major incidents being reported from the banking and IT sectors.

There have been multiple reported cases of malicious COVID-19 related Android applications that give attackers access to smartphone data or encrypt devices for ransom. Over 100,000 new COVID-19 related domains have been created in the last few months that need to be scrutinised for malicious content. According to various industry data, over 80 percent of firms have seen an increase in cyberattacks in 2020, with phishing attacks being the most common. Phishing increased by over 600 percent, followed by ransomware attacks, which rose by over 150 percent.

Even large technology companies such as Twitter, Zoom, Sopra, Finastra and Truecaller were victims of cyberattacks. In the case of Twitter, the accounts of several famous personalities were hacked, with the hackers tweeting about Bitcoins and then demanding Bitcoins from the followers of the hacked accounts. Back in India, leading grocery delivery start-up BigBasket also faced a massive data breach. Over 20 million users' data was compromised.

These rising instances of data theft and breach have finally forced companies to double down on their efforts to ensure the safety and security of their data and devices from cybercriminals. They have been ensuring that all corporate-owned or corporate-managed devices have the same security protections, regardless of whether they are connected to an enterprise network or an open home Wi-Fi network.

Companies have also been constantly educating and training all their employees to be able to differentiate between an official mail and a phishing mail. They have attempted to mitigate threats by restricting the number and type of company-related activities that employees can perform on their personal devices.

Organisations have been focusing on three important areas while setting out to secure their networks in a work-from-home environment. The first is traffic protection, to secure access and control the movement of data on work devices. They ensure secure connections are established between any endpoint and the company network, providing full visibility of network traffic across all ports, protocols and applications. This helps eliminate blind spots in mobile workforce traffic and gives organisations the ability to maintain a consistent view of the applications being used.

The second is network segmentation, where data is protected by securing the network internally. Not all employees or users are given access to all kinds of corporate networks. Policies are being drafted so that specific groups of users are able to access applications and files on a need-to-know basis. Companies are resorting to a zero-trust policy to secure these internal networks.

The third is effective device management, with preventive measures against phishing and credential theft. This is done on both corporate and personal devices. Possible measures can range from simple steps, such as requiring a PIN to unlock the phone, to technology-based solutions, such as the ability to remotely lock specific apps if one’s device is lost or stolen.

Another reason why companies globally are increasing their investment in enterprise security is the changing work culture. Professionals no longer want to confine themselves to their office workstations and cubicles. They want more of a work-life balance and are open to embracing flexible working hours and spaces such as home or a café.

Even device makers and service providers are recognising this tremendous market opportunity, and have been consistently improving and targeting their enterprise offerings to those who wish to use their personal devices at work. Apple, for example, recently announced a partnership with Deloitte, aimed at helping businesses build productivity solutions across enterprise functions such as retail, recruitment and back-office systems.

Similarly, Microsoft has greatly simplified the BYOD experience for Windows 10, allowing users to add work accounts to their personal devices, and enabling integration with Azure Active Directory, Microsoft’s cloud solution that manages identity and access for users of its software.

Despite the steep rise of cyberattack vulnerabilities and their potential dangers, many smaller organisations are still lagging behind where cybersecurity management is concerned. Internal auditors play a significant role in this context, due to their expertise in identifying and evaluating risks, and the status of existing mitigating controls, with the numerous frameworks in place. It is about time to stop ignoring or underestimating cyber risks and relying solely on generic off-the-shelf cybersecurity solutions.

As the world goes digital, cybersecurity threats and vulnerabilities targeting organisations’ operational systems and servers will grow in unimaginable ways. Hence, organisations and their top executives need to take proactive steps to find new and innovative ways to mitigate these risks. Enterprises need to ensure that they are able to combat such cyberthreats and grow their business in this ever-changing, dynamic world.

As a first and very vital step, such enterprises need to prepare their staff to navigate the challenges involved in remote working, particularly if they are unaccustomed to it.

Riyaz Tambe, director, Prisma Cloud Systems & Consulting Engineering – JAPAC Palo Alto Networks