Linda Gray Martin, Sr. Director & General Manager, RSA Conference together with cybersecurity experts from RSA Conference 2020 APJ:
- Paula Januszkiewicz, CEO, Owner, Cybersecurity Expert, CQUIRE
- Magda Chelly, Head of Cyber Consulting, Former CISO, Entrepreneur, Marsh Asia
- Erich Kron, Security Awareness Advocate, KnowBe4
- Javvad Malik, Security Awareness Advocate, KnowBe4
- Stan Lowe, Global Chief Information Security Officer, Zscaler, Inc
Only months ago, businesses around the world had to make massive changes. The cause of those changes was so unprecedented that even those with strong incident response plans struggled to maintain their security posture amidst the challenges of an increased remote workforce.
The dust has started to settle, but hindsight tells us that we must do more to prepare for the inevitable: This—or something like this—will happen again. So how do organizations just entering the nascent stages of recovering from COVID-19 prepare for what will be a recurring issue? As we emerge from this first phase of this crisis, experts across the RSA Conference APJ program have weighed in on what’s to come so that organizations can better understand the actions they need to take today to be ready for what will come tomorrow.
What’s Trending Now?
So far, the biggest trend influenced by the pandemic is remote working and an increased usage of collaborative suite programs, said Paula Januszkiewicz, CEO, Owner, Cybersecurity Expert, CQUIRE. “Some companies had to adjust to the new reality rapidly. Luckily, all tools, which enable more than simple conversations, have become more efficient in response to users’ needs.”
Though collaboration tools may have become more efficient, the sudden shift to a remote workforce exacerbated the challenges of defending the disappearing perimeter. Companies have been thrust into conducting business from multiple locations with little or no preparation, which will to continue to be the case post-pandemic, said Magda Chelly, Head of Cyber Consulting, Former CISO, Entrepreneur, Marsh Asia.
As the attack surface expands, companies and security teams will face new challenges, Chelly explained. “Attackers will be using multiple channels of communication with a focus on social media, all targeting end users dispersed across the globe, working from unsecured networks, and on their own devices. They will also be leveraging opportunities for physical attacks in empty offices.”
Erich Kron, Security Awareness Advocate, KnowBe4 agreed that attacks have been increasing. Any emotionally charged situation opens the doors for social engineers to leverage different attacks from Phishing, Smishing, and Vishing to social media manipulation. In most cases, attackers are attempting to either get information or stir up chaos. “When people are in the midst of chaos, that impacts their ability to think critically. Getting somebody’s emotional state agitated puts them in a position where it is hard for them to make good decisions,” Kron said.
The Results of Cutting Corners
To enable remote work and move businesses online, many companies opted to cut some corners. They tweaked their policies and procedures in order to make things work, said KnowBe4’s Javvad Malik, Security Awareness Advocate.
For some that meant turning off 2FA. For others it meant leaving RDP ports open and exposed to the Internet. “In their efforts to try to keep the show on the road, they took shortcuts. As a result, they have accrued technical debt,” Malik said.
Organizations did what they needed to do to keep the business running. The issues now, Malik said, is that attackers know these weak points and will take advantage of them.
Boost Your Post-COVID Security
The past will repeat itself, so we need to think about architecture and the tools and technology that we put in place and determine what worked and didn’t work in order to adjust, said Stan Lowe, Global Chief Information Security Officer, Zscaler, Inc.
Companies large and small will continue building out remote work capabilities as they are realizing it is more economical to pay for internet and cell phone services than to pay for square footage. “Companies are looking for ways to offset losses from this period of time, and they are going to be shifting spending, so we need to change the way we deliver IT and security for customers and employees,” Lowe said.
To secure a portion of that spending, security leaders need to ensure a seat at the table. How? Lowe said, “use this opportunity to show that you are a business enabler who can allow your organization to use the tools and technology to drive business revenue. You need to enable the business.”
Steps to Take Now
Organizations need to communicate with their people. “Help them understand how this works,” said Kron. “Make sure your people understand how changes are going to work. Educate people on phishing attacks so that they are on the lookout despite having those emotional triggers. Communication is the anti-disinformation.”
Cybercrime will continue whether businesses are operating remotely on a temporary basis or more permanently in the future. “Businesses need to ensure continuous cyber risk management and a non-traditional approach to perimeter defense,” Chelly said.
Go back and plug the holes. In order to augment their overall security posture for the future, it’s critical that organizations figure out what they did, why they did it, and what will happen if they take this versus that action to try and resolve it. “Companies haven’t thought that through,” said Malik. “Document all the decisions you are making—or go back and document the ones you’ve made—and identify why you did it and how you plan to reverse it.”
Additionally, it is important to ask how to securely collaborate in a remote environment. “The question grows even more difficult because people commonly combine their regular social activities with work-related ones while working from home,” Januszkiewicz said.
Over the past few months, we have all had to come to terms with the new reality. We must continue to rethink how we live, how we work and how we approach security and be able to adjust accordingly.
RSA Conference 2020 APJ will be returning as a 3-Day Virtual Experience designed to help the cybersecurity community move forward by bringing the power of learning to you. Register for the free virtual experience here
