Strategies for Safeguarding Businesses During COVID-19: Insights for Chief Information Officers and Chief Information Security Officers
In the current climate, where many organizations have transitioned to remote work, it's more important than ever to ensure the security of your digital assets. Here are some key points to consider in order to safeguard your business.
The Increased Cybersecurity Risk
Cyberattackers are taking advantage of the COVID-19 crisis, with remote access and phishing being the most likely areas for a cybersecurity incident. Phishing attacks using COVID-19 as a lure are a significant risk, and organizations must be vigilant.
Prioritizing Endpoint Security
It's crucial to ensure that endpoint security updates are still being received. This includes checking VPN access to ensure it allows access to update servers. For organizations with on-premise infrastructure, the most at-risk services are likely to be VPNs and other remote access gateways.
Implementing Multi-Factor Authentication (MFA)
MFA is a great defense against credential phishing, the most common form of phishing. Organizations should consider implementing MFA to protect access, updating server operating systems, and adopting scalable and secure IT infrastructures to defend against a variety of cyber threats.
For organizations with cloud infrastructure, the focus should be on their identity provider, such as Azure or Okta. For those with on-premise infrastructure, the challenge lies in ensuring the weak authentication of remote access services is protected by MFA and only accessible with centrally-managed corporate accounts.
A password manager is the best tool to get around the issue of employees remembering multiple passwords, but it may take some getting used to for non-technical staff.
Other Security Measures
Browser plugins such as Flash, Java, etc. should be disabled if possible for improved security. Organizations must also focus their efforts on tactically reducing risk as quickly as possible, primarily by ensuring key services are protected with MFA by any means possible.
Reporting Phishing Attempts
Phishing reports from staff can help warn others and identify indicators of compromise for threat hunting. If an incident occurs, having a backup plan is essential in case the device fails to patch, especially if physical access is not possible.
In conclusion, securing your organization's digital presence is crucial during these times. By implementing MFA, updating software, and adopting secure IT infrastructures, you can significantly reduce the risk of a cybersecurity incident. Regularly checking and updating your security measures will ensure your business remains protected.
Read also:
- Cyber Attack Nets $14 Million from WOO X Across Four Different Blockchains
- Nigerian Securities and Exchange Commission (SEC) teams up with Chainalysis to combat cryptocurrency fraud activities
- International marketing firm We Are Social intensifies global strategy for gaming industry
- Server Hazards: Top 4 Pests Imperiling Your Data Center and Preventive Measures
