Time for Organizations to become Wary and Resilient

Excerpts from an interaction with Ashwin Pal, Security Services Director, Unisys Asia Pacific | Monday, 06 July 2020, 13:08 IST

Please elaborate on the importance of cybersecurity in different business sectors such as BFSI, Healthcare, Aviation (Air Cargo and Airports). What are the sectors that need to be extra cautious?

Globally, cybersecurity has never been more important than it is right now. As we are aware, the COVID- 19 pandemic has caused extraordinary circumstances, with employees across sectors working from their homes. This has caused a huge spike in the number of people using their own devices and internet connections to get work done. The vast majority of those doing so, do not have the security typically provided when working with technology in an office environment. This is one of the biggest challenges when you consider cybersecurity.

Many organizations use virtual private networks (VPN) to remotely connect to their company systems. However, VPN infrastructure is typically set up to cater for 20% of the work force working from home. With the number of remote workers rising to 80-90% due to COVID-19, VPN infrastructure are running out of capacity, resulting in costly and time consuming upgrades required to VPN infrastructure. In addition, VPNs allow an employee full access to resources once they have authenticated to the network. This may be okay when they are within the confines of an office environment, but may not be the case if they are working remotely opening the organization to increased risk of cyber attack.

Cyber criminals have always been opportunistic and the current scenario is their biggest opportunity. Attacks are getting more sophisticated and frequent, as unscrupulous people look to gather sensitive data online. At a time when anxiety is high, and people are less guarded, simple things such as playing on a person’s fear could open them to a variety of attacks that could range from phishing to identity theft and monetary loss.

While it is true that all users of the internet have to be mindful of the manner in which they engage online, some sectors that deal with sensitive or confidential data need to be more vigilant than others. Technology/IT product companies, companies in the BFSI vertical, healthcare, travel and transport, manufacturing and pharma are some of the most targeted verticals, because of the wealth of data and information they contain. 

Data is money for anyone who knows how to steal and sell it for profit. Awareness and caution is the need of the hour across any industry that has to protect its resources and data. Getting a clear overview of the risks that exist and putting in place appropriate mitigation measures is critical.

What is your opinion on the cybersecurity scenario post the COVID-19 situation?   

It is evident that the economic fallout is likely to be severe and will last for two to three years, if not longer. Budgets across organizations are likely to shrink as businesses recover from the effects of the pandemic. As a result, the C-suite of every organization will need to step up to adjust and be prepared to do more with less. Leveraging existing investments and sweating the assets that exist, will become the mantra.

COVID- 19 however has pushed many businesses to use a digital first approach in their businesses and that will result in the role of the CISO becoming more important in the business decision-making process.

Organizations will start becoming more aware of their assets and will deploy methodologies and technologies to protect them. They should ideally start by implementing solutions for end user education and then find budget friendly solutions to encrypt their data. They should identify and deploy solutions for patching of any vulnerabilities and use microsegmentation to ensure that only authorized personnel have access to sensitive information.

What are some of the tips to users/employees and organizations to protect themselves from cyberattacks during remote working?

Here are some protective measures that can be taken to protect organizations and users from cyberattacks:

  • Keep your applications and devices updated: This will keep your device safe from spam-based viruses.
  • Do not download apps from third party app stores: Purchase apps from licensed app stores.
  • Make sure you avoid using websites that are not safe: Make sure that the URL is not HTTP but HTTPS. The ‘S’ means that the data being shared is encrypted and secured.
  • Do not use public Wi-Fi network for work: Feeding personal or sensitive information using a public network compromises the security of that information.
  • Ensure you back up your data: It is very important to back up your data regularly so that it can be recovered if your system is attacked by ransomware.
  • Believe your instincts: Trust your instincts even in the digital world. If you feel something is not quite right in a digital interaction, do not pursue it further.
  • Use secure direct application access while working: Secure direct application access allows secure access to critical applications without the use of a VPN.  Secure direct application access allows encrypted access to specific applications based on strict role-based access controls.  Another effective control would be to use a multi-step authentication process that will ensure that the business information shared will be accessed only by the intended user.

Can you shed some light on the necessary steps that needs to be taken to deal with such a pandemic situation in future? How can companies be more cautious?

Talk to your telcos and other providers for denial of service mitigation services to help mitigate these types of attacks.  An additional investment in user and network behaviour analysis, combined with the controls discussed above, can assist with detecting malicious traffic masquerading as legitimate traffic.

A key lesson from COVID-19 is that organizations must always be resilient and a big part of this is to ensure you have robust, up to date and well tested Business Continuity Plan (BCP) alongside Disaster Recovery Plan (DRP) measures.

A thorough internal analysis needs to be done in terms of capabilities, infrastructure and user awareness to ascertain the resilience factor of organizations. This can then become the basis to start work on a plan to immediately address any gaps exposed by COVID-19.

Don't Miss ( 1-5 of 25 )