Covid 19 was called a Pandemic by WHO and it sent us all packing…
That simply meant we all opened our laptops in the comfort of our homes.
Home.
Lovely! That’s what we’ve always wanted ? Haven’t we?
While securing ourselves from the virus outside, we made ourselves more vulnerable to the viruses that could enter our systems, our data more susceptible to attacks and ourselves more prone to phishing. With the security immunity being low, the chaotic scape is a perfect breeding ground for phishers, hackers and scammers to feed on.
We as individuals and organizations made ourselves susceptible.
Big, small, mid sized all are equally vulnerable… The following news items say it all.
HACKERS ARE TARGETING UK UNIVERSITIES TO STEAL CORONAVIRUS RESEARCH, NCSC WARNS
THE CORONAVIRUS CRISIS PUTS TELCOS BACK ON THE MAP AS STRATEGIC PROVIDERS
SCAMMERS ARE NOW TAKING ADVANTAGE OF US SMALL BUSINESS RELIEF FUND IN PHISHING EMAILS
When I read these, I could not stop myself from mumbling these famous lines from Julius Caesar-
Mischief, thou art afoot
Now, since mischief has set afoot, can we let it take the course thou wilt?
(Which literally meant, mischief you are astir, do what you intend)
What can we do?
The Zero Trust Tenet:
Covid made us get into a zero trust mode. Everyone is looked as a potential carrier of a virus. Apply the same analogy to cyber security. Data breach, ransomware, phishing attacks can come from anyone and anywhere and when they do, you cannot simply gasp and say
You too, Brutus?
( How can you breach and betray me? As a friend)
You simply cannot trust anyone. Zero Trust tenet means not trusting anyone. And I mean absolutely ‘No one and no action’. Every action, every hit is monitored, how users interact with an application, from what device, how many users access the application within the organization and how many without. For instance, you are a giant company where there are many hits in a single time frame, you may use AI and ML to build a behavioral file for each user. As soon as a suspicious behavior is seen, an immediate remediation can take place.
Wear the zero trust hat and authenticate every action in your architecture.
Guard your cloud.
We are undoubtedly living in uncertain, fluid times with an increased pressure on our digital resources, and we may continue to do so in the near future.
If you are using a Cloud or a SaaS solution, you are trusting that vendor with the security of your corporate data. Even if you can, are you sure you have armed yourself enough viz a viz the end points that access the data?
For example, you may not allow your employees to have direct access to a SaaS resource while they are using their own machine and may require them to tunnel to the system, you may still need to have DLP software, filters, antivirus screening in place.
And additionally, in case you have been caught off guard, a knee jerk shift to remote devices and networks will lower your immunity in terms of security, leaving some security gaps, including cloud misconfiguration leading to data breaches.
What NEXT?
A report by Learnbonds.com says that besides boosting their cybersecurity spending, as the top IT priority this year, around 55% of major organisations will boost their investments in automation solutions, revealed HFS Research survey conducted in April. Smart analytics, hybrid or multi-cloud and artificial intelligence follow, with 53%, 49% and 46% of those bodies asked naming them as their leading IT investments this year.
Therefore, in whichever domain of business you are in- whether in healthcare or telecom or e retail, now is the time to future guard yourself and all your data wherever it resides- on your machines, applications or cloud.
It’s time to UP your expense on cyber security.
The security of our networks, applications, enterprises, cloud platforms lies not in scrambling to figure out and come up with a patchy solution, but to override and preempt all possible vulnerabilities and threats you might be exposed to, so that some years hence you may say,
I CAME… I SAW, I
CONQUERED
-Julius Caesar
Reach me at: gchhabra@sagunaconsulting.com
