[Posted on Behalf of Pushkal Mishra, AVP IT & CISO HDFC ERGO Health Insurance Ltd.]
While the world is battling COVID-19, information security professionals have a double duty to do.

1. Take all precautions to keep the coronavirus away on the personal front

2. Manage the IT risks that come along while facilitating Work From Home (WFH) for the organizations they work for

Let’s focus on point No. 2 here. With COVID-19, organizations have reached an inflection point where things have changed dramatically to facilitate this “new normal” of WFH. Standardized office perimeters have disappeared and now anyone can connect from anywhere. The pandemic has struck organizations around the world like a perfect storm, and the onus is on IT to enable the business during the lockdown and provide it with the necessary tools & technologies to work from home.

Most organizations were never designed to go mainstream that way. Consequently, there was a tsunami of things to be taken care of, at times at the cost of security! As a result, attackers are now exploiting those loopholes to their advantage. We’ve already seen plenty of unwanted security incidents across the board.

Through this article, I would like to bring your attention to some of the things that could be done to control the IT risks of working from home. You can view them in terms of short-term and long-term focus.

Short term (within 3 months):

First of all, conduct a security risk assessment of the remote IT infrastructure, which includes VPN (Virtual Private Network), VDI (Virtual Desktop Infrastructure), Terminal Services, public-facing applications, and cloud workloads, as these are some of your entry points. You need to reassess your risks because the pandemic has changed the context. For example, in the pre-COVID-19 era organizations considered VPN a DR measure to support the business in case primary connectivity (or the office premises) went down, but the tables have turned: VPN is now the primary mode of connectivity and has taken precedence over the standardized office-cubicle way of working. Remote IT infrastructure has therefore climbed up the organization's asset criticality matrix, which means it will now have more aggressive recovery objectives and SLAs than before, and it will also be the primary point of attack.

Seriously consider phishing risk, as there has been an upsurge in the number of phishing emails taking advantage of people's anxieties during this pandemic. Many potentially dangerous domains have been created for phishing emails. Please educate your users in an engaging way. Try internal phishing simulation, as people learn better that way than from educational emailers. While you are at it, also educate users on home WiFi and mobile security.

Initiate vulnerability assessment and penetration testing of your critical applications, in both black-box and grey-box mode.

Check on your brand reputation across cyberspace for any potential business risk from dark web threats, brand infringement/intellectual property leaks, rogue applications, fake campaigns/scams, PII data exposures, etc.

Long term (6 months or beyond):

Review your data loss prevention program & associated technologies. Think this through from the angle of unmanaged endpoints accessing the managed network. Reorient it to suit the current situation.

Review your security incident and event management program & associated technologies. Add use-cases that are pertinent to today’s context (e.g. more use-cases on VPN if that is your primary mode of corporate connectivity).

Develop capability for endpoint incident detection and response, as we are living in times where perimeters are fading fast and traditional corporate endpoints are now “internet endpoints”. These endpoints may be subjected to a variety of security issues owing to software security, configuration issues, backdoors, etc., which can eventually lead to disruption of services. So isolation, containment and recovery capabilities at the endpoint can be a good strategy.

Strengthen your business continuity management program, as it is now needed a lot more than ever before.

By no means is this an exhaustive list. You can add to it as per your risk management program (such as ZeroTrust/SASE, data-centric security, etc.). These are, however, a few good points to begin with.
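
As an illustration of the VPN-focused SIEM use-cases mentioned above, here is an added example (not part of the original article) of two detection rules: a successful VPN login right after repeated failures for the same user, and one source address failing against many different users. The log layout, field names, thresholds and sample events are constructed assumptions, not any vendor's format.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample VPN authentication events (hypothetical key=value layout).
SAMPLE_LOG = """\
2020-04-14T09:00:00Z user=asha src=198.51.100.7 result=failure
2020-04-14T09:00:20Z user=asha src=198.51.100.7 result=failure
2020-04-14T09:00:40Z user=asha src=198.51.100.7 result=failure
2020-04-14T09:01:00Z user=asha src=198.51.100.7 result=success
2020-04-14T09:05:00Z user=ravi src=203.0.113.50 result=failure
2020-04-14T09:05:10Z user=meena src=203.0.113.50 result=failure
2020-04-14T09:05:20Z user=john src=203.0.113.50 result=failure
2020-04-14T09:30:00Z user=kiran src=192.0.2.14 result=failure
2020-04-14T09:30:30Z user=kiran src=192.0.2.14 result=success
"""
LINE_RE = re.compile(r"^(\S+) user=(\S+) src=(\S+) result=(success|failure)$")

def parse(text):
    """Yield (timestamp, user, src, result); lines that do not match are skipped."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
            yield ts, m.group(2), m.group(3), m.group(4)

def detect(text, window=timedelta(minutes=10), fail_threshold=3, spray_threshold=3):
    """Return alerts as (rule, subject, count) tuples, in event order."""
    alerts, sprayed = [], set()
    fails_by_user = defaultdict(deque)  # user -> timestamps of recent failures
    fails_by_src = defaultdict(deque)   # src  -> (timestamp, user) of recent failures
    for ts, user, src, result in sorted(parse(text)):
        uq, sq = fails_by_user[user], fails_by_src[src]
        while uq and ts - uq[0] > window:      # expire failures outside the window
            uq.popleft()
        while sq and ts - sq[0][0] > window:
            sq.popleft()
        if result == "failure":
            uq.append(ts)
            sq.append((ts, user))
            users = {u for _, u in sq}
            if len(users) >= spray_threshold and src not in sprayed:
                sprayed.add(src)               # alert once per source address
                alerts.append(("password_spray", src, len(users)))
        else:
            if len(uq) >= fail_threshold:      # success on the heels of many failures
                alerts.append(("success_after_failures", user, len(uq)))
            uq.clear()
    return alerts
```

In a real SIEM the same logic would be written in the product's rule language and tuned against the organization's normal VPN login pattern.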

© 2020 Created by CISO Platform.