The Covid-19 lockdown has changed things at the organizational level, and CISOs have suddenly been pushed into a new realm of ‘working from home’. Some were prepared and some were not. Either way, it has brought a host of security challenges, and many companies have been attacked and breached. The Maze ransomware attack on Cognizant is especially worrying: despite a strong security protocol, a dedicated CISO and a team of information security professionals under him, no one realised the company was being watched and that there was an opening for the attackers. So every large company is nervous today. Although every C-level executive is of the opinion that his company is secure, the security think tanks within companies are pondering how to keep their assets immune.
Vishant Pai, Head – GRC and CISO at Yotta Infrastructure Solutions, said, “We at Yotta Infrastructure LLP recently concluded a phishing simulation exercise.”
“I would encourage all my CISO community to conduct such an exercise since ‘people’ are the most vulnerable in the cyberattack surface.”
Vishant Pai, Head – GRC and CISO at Yotta Infrastructure Solutions
“In my opinion, conducting such an exercise to understand user behaviour, especially while all of our employees are working from home, offers a unique test case. I would encourage all my CISO community to conduct such an exercise since ‘people’ are the most vulnerable in the cyberattack surface,” he added.
Phishing simulation is one of the cheapest and most effective ways to test the waters during these troubled times: it measures how many users click, how many hand over credentials and, just as importantly, how many report the message.
Mohit Kalra, Head of Information Security, RattanIndia Group, said, “During the lockdown, we are ensuring secure availability of resources to authorized users, as well as educating them about data privacy and the latest ransomware and social engineering attacks through online sessions and infographic emailers, and testing their effectiveness frequently.”
“DLP with CASB capabilities, MDM and other cloud-based security solutions are truly offering great help in implementing technical controls while users are safely working from home.”
Mohit Kalra, Head of Information Security, RattanIndia Group
“Due to the greater visibility of the CISO office, we are also coordinating with business teams, HR, Compliance and IT for smooth operation, thus acting as a strategic influencer in Board meetings on the basis of comprehensive risk assessment. A detailed BIA with all the stakeholders is helping now, in these difficult times, with Business Continuity Management,” Kalra added.
As the lockdown is extended, the strategy needs further fine-tuning. Pai said, “The first lockdown went to ensuring availability. Since our collaboration suite was on the cloud, it was easy for us to adapt to work from home immediately. In fact, we successfully conducted virtual onboarding of resources who had been offered roles before the lockdown. The second lockdown is more business as usual.”
Pankaj Nagpal, CISO at Romsons Group of Industries, says, “An unplanned and rapid shift to remote working has inadvertently forced companies to relax cybersecurity controls. CIOs and CISOs must work quickly to counter the risks before the criminals capitalize on them.”
“Criminals are already taking advantage of COVID-19 in their cyberattacks, and remote access and phishing are the two areas most likely to result in a cybersecurity incident.”
Pankaj Nagpal, CISO at Romsons Group of Industries
According to him, the following seven steps are priorities for any organization that wants to stay safe from these attacks:
- Ensure all internet-facing services are protected with MFA (SMS-based MFA is better than no MFA).
- Patch remote access services, particularly VPN and terminal service gateways.
- Monitor phishing reports and get your operations team or MTR service to hunt for associated IOCs.
- Check remote clients are still receiving their endpoint security updates.
- Ensure your OS, browser, email client and the software commonly used to open attachments are set to update automatically.
- Disable browser plugins such as Java, Flash and Acrobat.
- Use identity federation to ensure all cloud services are accessed with corporate credentials.
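Step 3 above is the one that turns into day-to-day analyst work: a user reports a phishing mail, someone pulls the indicators out of it, and the operations team checks who else received the mail or clicked the link. The script below is an added example of that workflow, not code from the article or from any of the organizations quoted. It parses two user-reported messages, extracts sender domains, link hostnames (including defanged `hxxp://...[.]` links) and attachment hashes, then hunts those IOCs across proxy and mail-gateway logs to list the users who were also exposed. Every message, hostname, hash and log line is constructed for illustration; the `key=value` log format and the `CORP_DOMAIN` value are assumptions about the environment.

```python
"""Hunt for IOCs from user-reported phishing emails across proxy and mail logs.

Added example, not part of the original article. All messages and log lines
are constructed; the hostnames and hashes are made up for illustration.
"""
import base64
import email
import hashlib
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

CORP_DOMAIN = "corp.example"  # assumed: our own mail domain, never hunted as a sender IOC
URL_RE = re.compile(r"https?://[^\s<>\"']+")
KV_RE = re.compile(r"(\w+)=(\S+)")  # assumed key=value log format

# Constructed attachment body (not real malware); it builds the reported message
# and the hash that the mail gateway logged for the same file.
ATTACH_BYTES = b"MZ\x90\x00" + b"\x00" * 60
ATTACH_SHA256 = hashlib.sha256(ATTACH_BYTES).hexdigest()

# Constructed user-reported phishing messages as raw RFC 5322 text.
REPORTED_EMAILS = [
    """From: "IT Helpdesk" <helpdesk@corp-vpn-update.example>
To: alice@corp.example
Subject: Urgent: VPN client update required

Your VPN certificate expires today. Update now:
http://corp-vpn-update.example/login?u=alice
Mirror: https://files.example-cdn.net/vpn-update.zip
""",
    f"""From: "HR" <hr@corp.example>
To: bob@corp.example
Subject: Covid-19 work from home policy
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Policy also at hxxp://wfh-policy[.]example/doc
--b1
Content-Type: application/octet-stream; name="policy.docm"
Content-Disposition: attachment; filename="policy.docm"
Content-Transfer-Encoding: base64

{base64.b64encode(ATTACH_BYTES).decode()}
--b1--
""",
]

# Constructed proxy and mail-gateway log lines.
PROXY_LOGS = [
    "2020-04-21T09:12:03Z src=10.0.4.17 user=alice dst=corp-vpn-update.example url=http://corp-vpn-update.example/login?u=alice action=allow",
    "2020-04-21T09:14:55Z src=10.0.4.22 user=carol dst=www.example.org url=https://www.example.org/ action=allow",
    "2020-04-21T10:02:11Z src=10.0.7.9 user=dave dst=wfh-policy.example url=http://wfh-policy.example/doc action=allow",
    "2020-04-21T10:20:44Z src=10.0.7.31 user=frank dst=files.example-cdn.net url=https://files.example-cdn.net/vpn-update.zip action=allow",
]
MAIL_LOGS = [
    "2020-04-21T08:58:40Z from=helpdesk@corp-vpn-update.example to=alice@corp.example attach=none status=delivered",
    "2020-04-21T08:58:41Z from=helpdesk@corp-vpn-update.example to=erin@corp.example attach=none status=delivered",
    f"2020-04-21T09:30:02Z from=hr@corp.example to=bob@corp.example attach=policy.docm sha256={ATTACH_SHA256} status=delivered",
    "2020-04-21T09:45:10Z from=newsletter@vendor.example to=carol@corp.example attach=none status=delivered",
]


def refang(text):
    """Undo the common defanging users apply when forwarding a link."""
    text = re.sub(r"(?i)hxxp", "http", text)
    return text.replace("[.]", ".").replace("(.)", ".").replace("[:]", ":")


def extract_iocs(raw_messages):
    """Return sender domains, link hostnames, full URLs and attachment hashes."""
    iocs = {"domains": set(), "urls": set(), "hashes": set()}
    for raw in raw_messages:
        msg = email.message_from_string(raw, policy=policy.default)
        sender_domain = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
        # A spoofed internal sender is an SPF/DMARC problem, not a hunt IOC.
        if sender_domain and sender_domain != CORP_DOMAIN:
            iocs["domains"].add(sender_domain)
        for part in msg.walk():
            if part.get_content_disposition() == "attachment":
                payload = part.get_payload(decode=True) or b""
                iocs["hashes"].add(hashlib.sha256(payload).hexdigest())
            elif part.get_content_type() == "text/plain":
                for url in URL_RE.findall(refang(part.get_content())):
                    url = url.rstrip(".,;)")
                    iocs["urls"].add(url)
                    # Hunt on hostnames: per-victim query strings differ per recipient.
                    iocs["domains"].add(urlparse(url).hostname.lower())
    return iocs


def parse_kv(line):
    return dict(KV_RE.findall(line))


def hunt(iocs, proxy_logs, mail_logs):
    """Match IOC domains and hashes against proxy and mail events."""
    hits = []
    for line in proxy_logs:
        ev = parse_kv(line)
        host = (urlparse(ev.get("url", "")).hostname or ev.get("dst", "")).lower()
        if host in iocs["domains"]:
            hits.append({"source": "proxy", "user": ev.get("user"), "ioc": host, "line": line})
    for line in mail_logs:
        ev = parse_kv(line)
        user = ev.get("to", "").split("@")[0]
        sender_domain = ev.get("from", "").rpartition("@")[2].lower()
        if sender_domain in iocs["domains"]:
            hits.append({"source": "mail", "user": user, "ioc": sender_domain, "line": line})
        elif ev.get("sha256") in iocs["hashes"]:
            hits.append({"source": "mail", "user": user, "ioc": ev["sha256"], "line": line})
    return hits


def affected_users(hits):
    """Everyone who received the mail or fetched a hostname from it."""
    return {h["user"] for h in hits if h["user"]}


if __name__ == "__main__":
    found = extract_iocs(REPORTED_EMAILS)
    for hit in hunt(found, PROXY_LOGS, MAIL_LOGS):
        print(f"{hit['source']:5} {hit['user']:6} {hit['ioc']}")
```

Two things in the hunt are deliberate. Matching on hostnames rather than full URLs catches the second recipient whose link carries a different tracking parameter, and the attachment is matched by hash rather than filename so a renamed copy of the same file still surfaces. The users the hunt returns include people who never reported anything (dave, erin, frank in the constructed data), which is exactly the population the reporting user alone would never reveal.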
So far, so good!