Blog: Capgemini CTO Blog
Cyberattacks have increased fivefold since the start of the pandemic.
Alongside this, attacks on critical societal infrastructure have risen, including on hospitals and food delivery services. These organizations, until now not necessarily considered prime targets for hacking, are now lucrative targets for opportunistic cyber-criminals, looking to take advantage of civilian disarray and enterprise disorganization in a time of greater need.
However, just as these circumstances present an opportunity for cybercriminals, they also present a chance for cybersecurity teams to step onto the front foot. Attitudes to security have usually been conservative rather than innovative, but a good crisis helps people to step outside of their comfort zones. As the saying goes, pressure makes a diamond.
The ‘new-normal’ needs new training
The weakest link in cybersecurity has long been the human sitting behind the desk.
In the new remote working world, this vulnerability is more potent than ever. Without the protections and formalities of the office environment, it’s easy for employee cybersecurity diligence to slip down the priority list. Targeted phishing scams, illegal downloads, family members accessing company laptops and insecure WiFi are just some of the factors that cybersecurity teams contend with.
To mitigate these risks, security awareness campaigns and training are of the utmost importance. However, it’s not enough to simply send out an email telling employees to be on high alert for phishing scams. Training needs to be dynamic, engaging and ongoing. For organizations that have thus far neglected employee cybersecurity training, now is the time to make the change.
Solutions that relieve cyber analyst fatigue
More than 50% of organizations say their network security analysts were overwhelmed by the vast array of data points and end-point devices they had to track.
That was before coronavirus hit; the number of data points and devices will have exploded in the past two months. For security teams with identity and access management (IAM) protocols in place the result will have been an onslaught of false positives, triggered by employees logging in from different places. Not only is addressing these alerts tiresome for security teams, but there is potential for cybercriminals to get lost in this noise as their malicious behaviour goes unnoticed in a sea of alerts.
Introducing multi-factor authentication and reviewing single sign-on for critical applications will bolster security and reduce the number of false positives. Furthermore, implementing security orchestration, automation, and response (SOAR) technologies can help cybersecurity teams to define, prioritize and drive incident response activities with improved accuracy and speed. These cybersecurity solutions are well worth the investment, because while immediately effective in the interim, they also have long-term benefits like reducing the time to onboard cyber analysts and improving security and operations centre management.
The safe return
Securing remote working isn’t just about keeping data and systems safe while outside the traditional perimeter; it is also about preventing a Trojan horse scenario. Just as organizations perfect the security for a home set-up, employees will gradually start heading back to the workplace. This will create a new set of challenges. Another shift in working patterns could expose new weaknesses, while cybersecurity teams must be aware of – and mitigate – the risk of devices brought from home letting in malicious software. Cleaning each and every device, before it accesses the company network, will be essential.
Cybersecurity teams might feel like they’ve had little time to breathe as of late but, ultimately, the current crisis – however testing – is a window for learning and propelling forward innovation. Organizations are being pushed to bolster their security, embrace new technologies and find their blind spots. While the pressure is high, the investment and focus that companies make today will allow them to emerge stronger tomorrow.
Visit our Cybersecurity services page to see how we help clients build digital trust – transforming security into a source of strength and competitive advantage.