Managing cybersecurity in a post-pandemic world

As Twitter becomes the latest victim of a high-profile security breach, it is a timely reminder that no organisation is immune from cybercrime, and the effects can be devastating. But the social media giant is far from alone.

In the wake of COVID-19, cyber-attacks have spiked. In a single week Google reportedly blocked 18 million daily malware and phishing emails related to the pandemic. The Australian Government also recently warned of a sustained, state-based attack on Australian governments and companies.

IT leaders have been presented with the substantial challenge of protecting their enterprises from malicious actors without stifling organisational agility or the ability to innovate, while at the same time enabling business continuity and mass remote working.

Now, as IT teams begin to draw breath after the first stage of the pandemic, leaders must take the opportunity to evaluate their organisation’s security posture. This should include a thorough assessment of existing controls, plus a comprehensive review of the IT changes that were made ‘on the fly’ to enable remote working in response to the pandemic.

The evaluation should cover three key areas: technology, people, and processes. In each area, there are security weaknesses that are common to many organisations, but there are also opportunities to make significant gains that will benefit the enterprise now and beyond the pandemic.

Educate employees about the threats

Even with the strongest technology and systems in place, people remain a key source of cybersecurity risk—both unintentional and deliberate. Unmonitored, employee behaviour may change in a work from home (WFH) environment. Employees may be tempted to visit websites that would usually be blocked by the organisation’s network, exposing them to malicious websites.

Increased stress and anxiety as a result of the pandemic may make people more prone to social-engineering attacks, such as phishing and smishing (text phishing). COVID-19-themed attacks have skyrocketed in the wake of the pandemic to exploit these emotions, making it critical for IT teams to educate employees against the risks. Sending test phishing emails and texts will also help to expose weaknesses and raise awareness amongst employees.

How IT teams communicate the message of cybersecurity risk can also play a large role in its effectiveness. At a time when employees are increasingly bombarded with pandemic-related information, messages can easily be lost in the noise. IT teams will need to think more creatively and utilise a mix of channels that allow employees to interact, ask questions, and build a collective awareness of the importance of cybersecurity.

Adapt processes to support resilience

The rapid transition to a mass WFH model caught many organisations unprepared, which led to security taking a back seat as business continuity was prioritised. IT leaders should take the opportunity now to consider aligning security policies and processes to support enterprise resilience in light of the changes.

It is likely that increased monitoring will be necessary, particularly for high-risk user groups. Traditional defences, such as intrusion-prevention systems, proxies, and web gateways, will not be effective for employees working remotely and not connected to a VPN, essentially leaving employees unprotected.

IT teams should monitor for events like bulk downloads or unusual bandwidth usage that may be an indicator of suspicious activity. Similarly, security Information and Event Management (SIEM) systems should be reviewed to ensure that they are effective against new and emerging threats.

Few business continuity and disaster recovery (BC/DR) plans took account of a global pandemic which means that it is likely they will need to be adjusted to reflect the current operational context. IT leaders should review and test plans to determine they are appropriate in scope and scale. Consider also reviewing the BC/DR plans of critical suppliers to ascertain that adequate security controls and procedures are in place.

Ensure adequate defences are in place

As organisations have rapidly implemented the technologies needed to enable remote working, it is possible that they have introduced risks that could be exploited by cybercriminals.

To mitigate these, IT teams can take preventative action, such as ensuring robust VPN services are deployed, promptly installing security patches for critical systems, and requiring the use of multifactor authentication to access critical applications and networks.

At the same time, IT leaders should consider potential security holes in existing infrastructure. In particular, an organisation’s fax system could present a weakness and is often overlooked.

Although faxing remains a critical form of communication for many businesses, traditional server systems can create an array of security vulnerabilities. The Australian Government Information Security Manual explains that, for example, a fax machine or multi-function printer will attempt to resend a failed message, even if the machine has been disconnected from cryptographic equipment and connected directly to the PSTN. This could lead to confidential information being sent unsecured, resulting in a data spill. Similarly, incoming fax messages may compromise data security simply by being picked up by an unauthorised person.

An easy way to significantly improve fax security is by migrating to a cloud faxing solution. Leading cloud fax providers offer enterprise-grade security with best-in-class protection using the most advanced technologies.

Leading providers protect faxes transmitted over the internet with TLS encryption, while “Heavy” Tier III and IV secure data centres—the best of which maintain SOC 2 or SSAE 16 Certifications—ensure that sensitive data is protected at rest, 24/7. Good providers also follow industry best practices on data security, such as ISO 27002, and ensure robust compliance with regulatory mandates like HIPAA, GLBA, and SOX.

Leading providers offer flexible APIs that allow easy integration with existing CRM or ERP systems, making it possible to automate high-volume faxing from within these systems. Real-time delivery confirmation and robust audit trails enable documents to be used for legal purposes while sophisticated document management capabilities support adherence to government guidelines on record keeping.

Cloud faxing also enables remote working by equipping IT teams with centralised control over the whole system wherever they are located. And because employees only need an email address and internet connection to send and receive faxes, they are no longer reliant on physical connections. Doubts about security outside of the organisation’s firewall are eliminated as faxes remain on the cloud fax provider’s server, so no sensitive information is ever transmitted directly to an employee.

Aside from significant security and compliance benefits, cloud faxing also offers organisations an opportunity to make immediate and substantial cost savings as the overhead costs associated with running an on-premises fax system are instantly eliminated. Similarly, fax hardware such as servers, fax machines, and fax boards can also be retired, effectively reducing CapEx to zero.

COVID-19 has dramatically altered the business landscape. With the right changes to technology, people, and processes, IT leaders can effectively secure their business against cyberthreats and strengthen the organisation beyond the pandemic.

Image credit: ©stock.adobe.com/au/peshkova