Express Computer
Home  »  Guest Blogs  »  Six steps to now correct quick-fixes taken in 2020

Six steps to now correct quick-fixes taken in 2020

0 324

By Adam Palmer, Chief Cybersecurity Strategist, Tenable

It is estimated that global cybercrime will grow by 15 percent annually over the next five years, reaching USD 10.5 trillion by 2025 (Source: Cybersecurity Ventures). To provide a comparison, this is much larger than the damage inflicted from natural disasters in a year. According to a Forrester study, some of the damaging effects from cyberattacks in India include identity theft (44%), financial loss or theft (38%), and ransomware payout (33%). Many of these attacks can be avoided. The cost of these damages far exceeds the cost to prevent such attacks through investment in strong security practices.

Last year, Covid-19 caused CIOs to sometimes put usability and deployability of IT ahead of security. This was a quick solution to ensure business continuity in a time of crisis. However, this approach may have introduced new security risks. These quick fixes may have exposed assets and networks to vulnerabilities that can now easily be leveraged by cybercriminals for attacks.

Time to secure the new normal
The band-aid security solutions that many CIOs put in place last year now need to be replaced with scalable, long-term, strategies. Numerous articles and surveys, such as the one from Public App in India, have stated that the return to the office full time may be a thing of the past. Only 27% out of 300,000 respondents in the same study indicated their preference to go back into the office while many stated they would prefer to work from home or have a hybrid workplace arrangement. With this in mind, organizations need to reassess existing cloud security infrastructures to support a distributed workforce in a dynamic environment with many connected personal devices.

Start with a roadmap: Before embarking on anything, create clearly defined data management strategy that is aligned to the organization’s needs. This saves time and ensures that security is part of the process. Reduce risk by limiting third-party access to the network and by using privileged access management controls.

Security integration: Harmonize and ensure that security is integrated across all applications, critical data, cloud-based assets, DevOps, network infrastructure, and operational technology. With so many new connected assets, having a single source of truth can make a world of difference.

Intelligence: Utilize machine learning and threat intelligence to identify actual vulnerabilities and risks critical to the business. Avoid relying solely on a cloud vendor for generic configuration monitoring.

Visibility: Most remote workers have a variety of connected devices such as smart television sets, doorbells, baby monitors and more in their homes in addition to their laptops and tablets. This means that every time a remote employee logs into their laptop, each of those devices becomes part of the enterprise attack surface. Since security teams won’t be able to run network vulnerability scans of personal devices, installing local vulnerability detection agents to provide off-network visibility is beneficial. Risk can also be mitigated by adding IT systems management onto laptops so that the security team can control software updates and patching. This is a simple, but effective strategy.

Plan for continuity: Every organization should have business continuity and crisis communication plans. These plans should contain a business impact analysis, financial and operational costs, management risk tolerances and resource dependencies. Document where critical data resides for high-risk users such as executives, those with administrative privileges and those developing source code).

Many organizations have had to quickly adapt their technical infrastructure to support a new remote workforce, but they now also have to adopt long term security solutions. This will prevent cybercriminals from taking advantage of these quick-fix solutions made in a time of crisis. There’s no better time to correct these security gaps, than now.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image