The pandemic has touched virtually every aspect of life, and cybersecurity is no different. A new threat intelligence and cybersecurity status report from Microsoft shows how businesses around the world are changing their approach to cybersecurity to protect user data and systems as more and more teams work remotely. Here’s how the pandemic has changed cybersecurity, and what your business can do differently to protect your data as the situation evolves.
How online threats are evolving
“While the volume of cyber threats has remained broadly constant during the COVID-19 pandemic, there has been a pivot towards phishing scams and malware that use COVID-19 as a lure. Often, phishing emails can capture personal data and financial information from unsuspecting retail and banking customers and your employees,” reports KPMG. Microsoft confirms that phishing scams are on the rise. In their survey of business leaders at large enterprises in India, Germany, the UK and the US, Microsoft found that more than 90% of companies have been impacted by phishing attacks since early March 2020. In addition, Deloitte reports an uptick in COVID-19 related ransomware attacks, reporting that “attackers are using COVID-19 as bait to impersonate brands, thereby misleading employees and customers.” Employees and consumers alike are being targeted with ransomware posing as COVID-19 related applications. Unwittingly, your employees may be opening up your network to new risks disguised as helpful resources. For many IT teams, data breach challenges and cybersecurity are becoming even harder to manage as businesses scale down their workforce. Because teams are working remotely or on limited shifts due to the pandemic, the detection of malware attacks and other cyber threats has become more difficult – and the response is even more complicated. “Updating patches on systems may also be a challenge if security teams are not operational. Organizations should evaluate the security defences in place and explore the use of co-sourcing with external consultants especially for areas where key man risks have been identified,” reports Deloitte. With threats on the rise, how can your enterprise IT security be proactive about protecting your technology and software?
Cloud security is top priority
COVID-19 has accelerated many companies shifting to the cloud. Microsoft’s report shows that 39% of companies are prioritizing cloud security investments over things like data and information security or network security. Read more about how COVID-19 has impacted cloud security for schools, healthcare organizations, and small businesses in our guide. To keep your data safe, there are three ways to prioritize cloud security at your organization.
- Train your team: no amount of technology can account for human error, which is why it’s imperative to teach your team how to recognize signs of phishing and malware.
- Work with a cloud security partner: a cloud-native, DLP platform like Nightfall can do the heavy lifting by discovering, classifying, and protecting your data using machine learning – saving resources and time in the process.
- Make sure to configure your controls correctly. One survey found that 92% of IT professionals are concerned that their organization may be vulnerable due to cloud misconfiguration.
Cloud misconfiguration is a huge issue for many enterprises, suggesting that the concerns of IT professionals are warranted. Common cloud misconfigurations include storing unencrypted data where the internet can access it without any form of authentication, or accidentally leaving encryption keys and passwords in open repositories. These errors are typically caused by inexperienced users or outdated security models. If you’re worried about your cloud security, check out Nightfall’s Policy Engine – a good failsafe that can backup your security in case of human error.
Zero-trust architecture is on the rise
Zero-trust architecture is an approach to cybersecurity that many organizations are adopting while employees work from home. As one expert describes, zero-trust architecture is “the idea that individuals, devices, and applications cannot be trusted by default, and need to be authenticated and authorized.” The “never trust, always verify” approach is one way to clamp down on malware and phishing at the user level. Part of the process of implementing zero-trust security includes adding two-factor or multifactor authentication (MFA). MFA can be time-consuming to implement, so begin by prioritizing those users who have elevated privileges: your Slack admin, for instance, or team of developers. Don’t forget to include MFA in your third-party platforms, such as Google Drive and Slack. Another industry best practice is to add SSO and SAML to make cybersecurity less burdensome on your employees. SSO, single secure sign-on, reduces password fatigue for users who need to spend time re-entering passwords for the same login. It also helps to mitigate risk for access to third-party sites, as users don’t have to store passwords externally. SSO and SAML give users control of their credentials to protect sensitive data. Microsoft found that 51% of business leaders are accelerating a zero-trust approach, predicting that these measures will soon become the industry standard. “94% of companies report that they are in the process of deploying new Zero Trust capabilities to some extent,” Microsoft wrote.
There’s more onus on employees to be secure
Finally, because more and more teams are working from home, security teams must rely on individuals to help maintain big data security and cybersecurity protocols. While a zero-trust approach would suggest that security teams can’t rely on their employees, the opposite is true: with the right education and communication, employees can significantly decrease the threat of cyber attacks. “COVID-19–themed phishing, vishing (voice phishing), and smishing (text phishing) campaigns have surged,” reported McKinsey. “Security teams must prepare employees to avoid being tricked. These teams should not only notify users that attackers will exploit their fear, stress, and uncertainty but also consider shifting to crisis-specific testing themes for phishing, vishing, and smishing campaigns.” MIT Sloan experts agree that employees are under a lot of stress right now – which can make them even more vulnerable to bad actors. Security teams should set up self-help options and communicate proactively about what to do, rather than what not to do. For IT teams working with a reduced staff schedule, your employees can often be your best allies. In addition to getting help from your employees, many companies are getting cloud security partners to help fill in the gaps. These partners can help reinforce zero-trust architecture and provide agile cloud security options to monitor evolving threats. Companies turn to Nightfall as the first, automated defense in response to data leakage events, yielding measurable time savings for their IT teams. Learn more about how Nightfall can help protect your organization’s data by scheduling a demo below.