Cybersecurity in the post-COVID-19 world

The COVID-19 pandemic lockdown is now in its 9th week and we are slowly beginning the long road to re-opening. We are all stressed and anxiously awaiting the return to normal. Many enterprises have done a remarkable job stretching their existing VPN infrastructure to support the surge of employees working from home while many others have had to limit access based on time-of-day or job criticality. We have been doing what is necessary to keep the business functioning, while also always believing the lockdown would be temporary and it too would pass. The new challenge we face in the enterprise is that, instead of returning to the way it was, there is now going to be a “new normal”.

Twitter and Amazon have already announced that many employees will be allowed to work from home ‘forever’. Businesses and especially governments are realizing that employees can be just as productive, if not more, while working from home. Employees are better off if they can save on their daily commuting costs and businesses can significantly reduce their real estate costs.

There will be benefits to society at large too: achieving the elusive dream of a work-life balance, reducing pollution since there will be a lot less commuting, and making social distancing on transit more natural with fewer people using it. All these factors will help Canada make better progress towards greenhouse gas reduction.

However, as the world focuses on cushioning the economic and health impacts resulting from the pandemic, cybercriminals continue to accelerate their activities, increase the velocity of their cyber-crimes and create newer threats. The “new normal” has changed the risk posture of the enterprise forever. Just as businesses have to reimagine their business models in this “new normal”, cybersecurity teams also have to reimagine the new operating model and how they will enable the business to make this transition, not in the traditional 3 to 5-year time horizon but the new 3 to 9-month time horizon.

There are three key trends I see having a significant impact on the path forward in cyber security:

  1. The traditional perimeter has vanished. Employees at home are often using their personal devices to access corporate applications in the cloud. The Internet is the new Corporate Network.
  2. The Cloud First strategy is now a Cloud Only strategy. Enterprises that were slowly adopting a Cloud First approach must now fully embrace digital transformation by changing to a Cloud Only strategy.
  3. The endpoint reigns supreme. The many debates and false starts associated with adopting an enterprise BYOD strategy are yet again front and centre.

These trends force us to totally rethink our cyber security approach. What we did yesterday will simply not work in the new normal. This is a once-in-a-generation opportunity to fast-track the digital transformation of cyber security. We, as security professionals, have to take the lead by first changing our own thinking and then moving away from rigid and dogmatic legacy approaches to security.

I want to caution you, as you start this transformation process, to keep it simple, practical and easy to implement. I would also recommend the NIST Cyber Security Framework as your starting point even if you have adopted and are using other standards and frameworks. I have been following the NIST CSF for the last five years and have come to really appreciate its simplicity and clarity.

Recommendations for enhanced cybersecurity

In the short term, at a minimum, organizations should implement the following measures to strengthen their cyber security in the “new normal”:

  1. Secure the Endpoint: Implement cloud-based Endpoint Detection and Response so that endpoints can be updated and protected whether or not they are connected to the corporate VPN.
  2. Patch the Endpoint: Implement a cloud-based Patch Management System. Many endpoints today cannot be patched over a VPN, leaving them vulnerable.
  3. Secure Internet Access: Implement a cloud-based Secure Web Gateway for secure direct access to cloud applications for employees working from home. Eliminate the need to backhaul traffic through a VPN while maintaining equal or better security controls.
  4. Implement Multi-Factor Authentication: All businesses should deploy Multi-Factor Authentication to protect their users. COVID-19 has led to numerous phishing campaigns; it is only a matter of time before a tired and stressed employee succumbs and gives out their corporate ID and Password.
  5. Education and Awareness Training: Businesses must also prioritize security education and awareness training. This measure alone will ensure that employees are fully aware of best practices when working remotely and can identify, report and manage phishing attempts.

Work with Stratejm

A new breed of advanced security solution is required to counter the cyber security challenges of the post-COVID-19 world. Stratejm offers North America’s premier Security-as-a-Service platform, which is fully based on the NIST CSF. We operate 24x7x365 to facilitate quick detection and response, assisted by state-of-the-art functions such as real-time event correlation and advanced threat management, among others. All Stratejm solutions are hosted in the cloud and are ideal for situations where staff cannot physically go on-site, such as those we are facing today. You can still secure your enterprise while employees work from home, and you can migrate away from legacy and tired security solutions. For more information and a demo, I invite you to visit the web site at https://stratejm.com/framework/