Page 78 - Cyber Defense Magazine for August 2020
P. 78
guidance, is disruptive, often leading to a surge of help desk calls that can be hard for IT staff, working
remotely, to keep up with.
The practical consequences of slowing the rollouts might include accepting longer lives for software
versions that would previously have been considered obsolete. It would also argue for greater use of
automated instructional software layered atop the enterprise application – software that enables
employees to master changes more quickly and with greater confidence.
Another result of the coronavirus outbreak has been an acceleration of information movement from on-
site data centers into the cloud – a transition that had already been underway. Cloud-based applications
and related data can be readily accessed by people working remotely using just about any kind of digital
device, which makes it attractive for homebound workers. And today, public clouds are widely regarded
as secure. It is in cloud providers’ best interest to ensure the highest security of the application and data
to attract more adopters. Increasing adoption of public cloud and transition away from traditional
datacenter solutions will be additional added changes in the digital landscape.
Then there’s the Big One: security. Data security has always been a focus of IT professionals and
frequently a concern to senior management as well. But the explosion of off-site computing resulting
from employees working at home, frequently using their own consumer-level digital devices, has made
security an imperative. Of course, there was serious concern from the onset of Covid-19 that large-scale
work-from-home patterns would present a temptation to hackers. Less effective security in home
environments – including network sharing with children and other family members – would make it much
easier for criminals to perpetrate fraud or attack unsuspecting users.
As it turns out, those suspicions were right. According to the Wall Street Journal, cyberattacks against
1
banks and other financial firms rose by 238 percent between February and April , just as the bulk of their
employees began working remotely. At the same time, aggressive furloughing for cost reduction led to
a decrease in the number of employees whose regular assignments involved responding to cyberattacks.
The problem has been amplified by the government’s mass distribution of stimulus funds for individuals
and businesses through financial institutions, which play a central role in the pandemic response.
Capitalizing on chaos is a familiar pattern for every sort of criminality, and the confusion resulting from
the coronavirus response provided a perfect recipe for abuse.
What does that mean going forward into a post-pandemic world? There are, as a report pointed out,
various technical steps that would be prudent to take including multi-factor authentication, special controls
for certain facility-based applications, and device virtualization. But the primary focus needs to be on
people – the system’s users.
An indefinitely and perhaps permanently distributed workforce needs to stay aware of how the things
they do can either create or abate risks. That means constantly communicating the basics of digital
hygiene, possibly engaging a service that focuses on raising user awareness of cyber mischief, along
with vigilant monitoring for telltale signs of a security breach. Among the best practices for users:
● Keep business and personal email and other work accounts separate.
● Require the use of multi-factor authentication and ensure such policies are continuously enforced.
● Make sure users know what to do if a device is lost, stolen or compromised.
● Keep processes as simple as possible; when they get complicated, they get ignored.
Cyber Defense eMagazine – August 2020 Edition 78
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.