COVID-19 Altered the Threat Landscape. Are You Properly Prepared for Today’s Cyberattacks?

Four Critical Steps to Reset Your Long-Term Cybersecurity and Compliance Strategy

“When COVID-19 hit, I hate to admit it as an IT leader…I was caught off-guard. With years of experience, I followed my instincts, and we did what was needed to respond to the new normal. I was amazed, but not surprised, how resilient everyone around me became, including the bad guys.”

For many, digital transformation accelerated overnight, requiring tools to enable remote work, collaboration, and selling. Hackers and scammers too began to seize the chaos of the crisis and cyberattacks everywhere began to mount.

The stop-gap or emergency plan that you put into motion a year ago to protect your people, processes, and technology from a breach or IT security incident may not be sustainable for the long term. In this article, we share four steps to help you move forward in a strategic, intentional way so that you are set-up for long term protection.

How Did COVID-19 Impact the Cyber Threat Landscape?

First, let’s examine the pandemic’s impact on the threat landscape. As the definition of assets to safeguard expanded beyond the office, a company’s environment without proper security protocols becomes more vulnerable to a data breach.

In fact, Malwarebytes’s 2020 study on COVID’s impact on business IT security revealed that:

  • Nearly 20% of businesses faced a security breach resulting from a remote worker
  • Almost 25% of businesses incurred unexpected expenses specifically to address a cybersecurity breach or malware attack

The potential attack surface grew wider—from a few data centers to every employee’s home office. All employees had access to corporate VPNs and cloud-based services. Cybercriminals saw this as a window of opportunity. They adjusted by targeting personal and work systems to single out at-risk employees and vulnerable remote networks, including unsecured routers and default password-protected home wi-fi networks.  

To improve your long-term security posture and minimize cybersecurity risk, it’s important to shift thinking from a disruptive mindset (triggered by the pandemic) to a transformative one. It is possible to thrive when you move forward intentionally. Here are four steps to evolve your emergency response plan into a strategic, long-term cybersecurity plan.

1. Identify the Gaps in Your Security Posture

Strengthening your cybersecurity begins with a thorough assessment of your new environment to identify cybersecurity risks in how you operate and the technology you have in place.

Follow the National Institute for Standards and Technology’s (NIST) Cyber Security Framework (CSF), an industry-standard guidepost, to determine gaps in your security posture. CSF guides organizations in managing and reducing their cybersecurity risk through standards, guidelines, and best practices. Adopting the CSF gives an unbiased, standards-based approach to understanding, addressing, continually evaluating, and adjusting your organization’s security posture through the lens of risk management standards.

The CSF provides a structured, comprehensive approach to Risk Management and Risk Assessment addressing five functions:

  • Identify
  • Protect
  • Detect
  • Respond
  • Recover

Today, businesses routinely focus on the traditional methodologies that align with the CSF’s Identify, Protect and Recover functions while leaving a gap in Detect (threat detection) and Respond (threat remediation) functions. Below are questions to help uncover your security gaps.

IdentifyHow do you currently manage cybersecurity risk to systems, people, assets, data, and capabilities?
ProtectHow do you limit the impact of potential cybersecurity events? What safeguards fare in place for delivery of critical services?
DetectHow do you identify the occurrence of a cybersecurity event promptly?
RespondHow do you take action regarding a detected cybersecurity incident to minimize the impact?
RecoverHow do you maintain plans for resilience and to restore services impaired during cybersecurity incidents?

2. Develop a Strategic Cybersecurity Game Plan to Combat Today’s and Tomorrow’s Threats.

Once you have identified the gaps in your security strategy, determine which require immediate attention and which you can address at a later time. It is critical to address vulnerabilities that may significantly disrupt your environment first.

You may choose to handle risks in different ways, including mitigating the risk, transferring the risk, avoiding the risk, or accepting the risk, depending on the potential impact on critical services delivery and impact on your people, processes, and technology.

This risk assessment exercise helps prioritize roadmap decisions and informs your cybersecurity strategic game plan for addressing your immediate and future needs. Revisit your game plan often. Conduct recurring risk assessments and validate business drivers to determine what cybersecurity measures to prioritize next.

3. Have Cybersecurity Experts Implement and Manage Your Cybersecurity Roadmap.

Managing implementation is just as important as determining the game plan. Cyber attackers are now using more sophisticated methods to exploit networks and firewalls, therefore defending against these threats requires dedicated, highly-skilled professionals to respond effectively to incidents before damage occurs.

The cost to hire in-house cybersecurity experts can be prohibitive for small and medium-sized businesses. Outsourcing cybersecurity work is a viable option and provides many benefits: You get dedicated Security Operations Center (SOC) experts on-hand detecting and defending around the clock. They are knowledgeable, certified, and up-to-date on the latest cyber incidents and threats, and can help educate your in-house IT staff. 

4. Empower Your Team with Knowledge.

Security awareness training should play a significant role in how your organization strives to attain and maintain compliance with relevant laws and mandates. There are thousands of compliance regulations that organizations must follow, which often vary based on location and industry. Even a single employee in violation of compliance mandates – oftentimes accidentally falling victim to a cyberattack because they were not sufficiently educated on how to identify and avoid them – can leave the organization legally responsible and have significant financial consequences.

If your employees are not adequately trained, cybercriminals may infiltrate your corporate assets by tricking your employees through malicious emails or spam calls. Teaching employees how to spot ransomware, phishing, malware, social engineering, and other email threats is imperative. Employees become your detectives and your first layer of defense as you move forward together to mitigate risks. With the nature of cybercrime constantly evolving, structure your training program as an ongoing activity that includes security awareness training and simulations.

Former Senate Majority leader Mike Mansfield said “the crisis you have to worry about most is the one you don’t see coming.” Unexpected events get our adrenaline pumping and make us step outside our comfort zone. We spring into immediate action to put out the IT fire. As we move into recovery mode, it is critical to pause and reassess our environment and own the new threat landscape.

True cybersecurity is about being one step ahead. The COVID crisis may have temporarily shaken you, but now you can plan for the future and move forward with confidence as you implement your long-term cybersecurity game plan. Embrace proactive measures and develop more robust remote security policies for supporting a permanent work-from-home model. This requires necessary steps to ensure you have the people, processes, technology, and plan to secure your organization against cyber risks.

Let’s work together to strengthen your defenses, fill your security-skills gap, manage your security awareness training, and deliver a best-fit solution based on your technology stack, compliance requirements, and goals. Contact us to schedule a complimentary Risk Assessment as a first step to redefining your security posture.