“Flat out like a lizard drinking” is a classic Australian expression coined to describe the state of being extremely busy. Many information security professionals know just that feeling. Since shutdown measures designed to slow the spread of COVID-19 were introduced in March, they’ve been flat out, supporting the mass move to remote working and staving off the rising risk of infiltration or attack by hackers and cybercriminals.
Rising risks in the time of coronavirus
The latter represents a clear and present danger in these uncertain times; so much so that Australian Prime Minister Scott Morrison took the unprecedented step of issuing an urgent hacking warning to businesses back in June.
His announcement followed a series of similar warnings from the Australian Cyber Security Centre that individuals and businesses should be on their guard against COVID-19-themed malicious activities and scams.
A large-scale attack or data compromise can be disruptive and expensive. That’s something organisations struggling to stay afloat in the COVID-induced recession can ill afford to wear, as drinks giant Lion Nathan learnt to its cost, following a succession of damaging cyber-attacks during June.
“The timing of this attack – just as the hospitality industry is trying to get back on its feet [post-COVID-19] closures – could not have been more challenging for Lion and our industry partners”, the company noted in a statement later that month.
Enter the information security leader, whose chief responsibility is to develop strategies and implement programs that stymie and see off attackers. Here are some of the challenges they’re having to address in today’s rapidly evolving business environment.
High-profile companies with decent security budgets are not immune from the latest wave of ransomware activity. “It could have been us” seems to be a common agreement among security specialists. Criminals are crafting malware to evade the specific controls that an organisation has in place, and using tried and tested ransomware to infiltrate organisations and exfiltrate critical data before locking the company out of its own systems. A different approach is needed – one that is independent of the type of ransomware used.
Stretching security budgets
While the pandemic may have presented IT security teams with a new set of priorities and tasks, additional funds with which to address them won’t necessarily be forthcoming. Businesses of all sizes and stripes have been forced to slash their spending across the board in recent months, as a result of slowing demand. That means security leaders may need to get creative with existing resources and budgets, if emerging security risks are to be managed effectively.
Securing remote users
Some Australian organisations were ill-prepared for remote working en masse and made the expedient decision back in March to send employees home first and worry about cyber security second. That meant making do with existing security technologies, including VPN infrastructure which, in many instances, was unable to handle the flood of remote traffic which followed the exodus from head office. Four months on, remote working looks like being here to stay, and putting rigorous protocols and measures in place to protect mobile devices and users from compromise and credential theft is an urgent imperative for organisations which have yet to address the issue.
Locking down end points
Locking down the large number of end points being used by remote workers is central to this challenge. Doing so effectively may necessitate the purchase of an end point protection platform and an end point response solution which can be used to facilitate secure network access, block malware and prevent unauthorised access and use of employees’ credentials.
Securing cloud operations
Organisations with cloud-first computing policies have generally weathered COVID-induced disruption better than those whose IT operations are centred around an in-house data centre. As remote and hybrid working models become entrenched, more enterprises are likely to make the shift to the software-as-a-service model. With that comes the requirement to protect data in the cloud. Cloud-specific security tools may be needed to monitor user activity, warn administrators of risky actions, block malware and enforce security policy compliance.
Supporting Australian businesses to recover and rebound
Establishing effective security practices throughout an organisation cannot be seen as an immovable goalpost. The relationship security has with the entire workforce needs to be one of continuous conversation and constant improvement. From product design to internal infrastructure, getting everyone invested and keeping everyone informed can serve as a powerful bulwark against external threats.
Ongoing uncertainty and recessionary conditions triggered by the coronavirus shutdowns mean Australian businesses face a tough journey back to profitability and growth. Scalable and resilient ICT infrastructure and systems will be key to their efforts – and keeping those assets secure will continue to keep security professionals fully occupied, in 2020 and beyond.
Jim Cook, ANZ regional director at Attivo Networks