Creating effective cybersecurity playbook

cybersecurity playbook

CIOs say that IT security teams had to learn to be dynamic, to mitigate the different kinds of attacks launched on organizations during the pandemic.

Security leaders say that the current scenario of prolonged remote work environment due to the pandemic has resulted in them having to update and recreate cybersecurity strategies to continually ensure adequate security.

The cybersecurity domain was complicated, to begin with, and the pandemic attacks have added to the risks. Most incidents have been due to employees circumventing standard industry measures and logging into the enterprise network by using domestic connections and personal devices. This further added vulnerability issues for organizations’ security profiles.

IT departments point out that most employees wouldn’t have changed their passwords since the start of remote work. Whereas in on-premise offices, employees are prompted to change their passwords every month or so.

With the lockdown being eased in most countries, organizations are looking into welcome back employees to on-premise office locations. Physical security strategies play a significant role in this planning.

Safe data transfer from personal devices is a crucial area for the security teams to consider and accomplish. It must be done without affecting the productivity of the employees.

Read More: AI and Machine Learning Critical to Tackling Cyber Threats Say NTT

The security teams’ workload has considerably increased as they have to make sure that both employees and end-users have seamless access to the relevant resources. The pandemic has made the process even harder due to the remote logins to the central security network.

CISOs said that cybercriminals used the pandemic to their advantage. APT groups pretended to be trusted entities and gained illegal access to confidential data. This was possible by COVID-19 based phishing emails, nefarious applications, or even trusted applications previously compromised.

CIOs propose the creation of standard cybersecurity practices that would remain relevant to the employee location. Adequate measures will ensure that the organization is protected from phishing and other malicious cyber-attacks.

Reducing the dependence on passwords

CIOs acknowledge that majority of the corporate-related hacking incidents were due to compromised credentials. They propose the implementation of multi-factor authentication for all employees and end-user accounts.

Organizations are also considering physical checks like biometrics or YubiKey. Such measures are much more complicated to bypass than one time passwords and make passwords redundant.

Read More: Malware and Phishing Attacks – Scammers Are Misusing Stimulus Payments

Strengthen VPNs and other remote working applications

Security leaders point out that if an organization’s mobile infrastructure has suddenly increased, then hackers have already been exploiting the popular liabilities in such tools. Most weaknesses are present in remote desktop solutions, client-side video conferencing applications, etc. Most organizations overlooked updating their security profile with the latest patches and updates. It put the apps and organizations under more risk of a breach.

Training the end-users

CISOs believe that organizations should not depend on their end-users to practice safe cybersecurity measures. They propose training of mobile employees to detect phishing and ransomware attempts proactively. Online pieces of training to educate employees on how to avoid pandemic related scams will be a good measure to prevent potential attacks.

Encourage employees to speak up

CIOs say that employees, mostly security personnel, should be encouraged to speak up about potential vulnerabilities. It warns the organization and promotes innovative security measures to be analyzed. Before deploying any new security tech, unbiased opinions from the security department must be taken into account.