Cybersecurity in the Summer of Uncertainty

What is the new normal for security professionals in the Summer of 2020? Hint: It involves protecting a larger attack surface than anyone ever imagined.

Remote Workers Everywhere

More employees than ever are working from home and using routers, Wi-Fi modems and home networks that are much less secure than corporate environments. As one respondent of a recent ISC2 survey stated: “With a majority of the workforce staying home we all will need to rethink our policies and the compromises we are willing to make.”

DevOps Connect:DevSecOps @ RSAC 2022

The shelter-in-place directives that came about with little notice resulted in many newly remote workers accessing corporate networks and critical data with devices that would not normally be approved. Since March, the attack surface of many organizations has expanded to include employees’ home networks, other public networks they use, and a wide range of new endpoint devices.

The fact that most workers feel safer at home, so they aren’t as vigilant and tend to engage in less secure behavior than at work, adds even more risk. A recent survey of 3,700 ISACA members about the impact of COVID-19 found that 87% felt “the rapid transition to remote work … increased data protection and privacy risk” and 92% said “cyberattacks on individuals are increasing.”

New Cloud Adoption Increases Risk

The shift to working from home has created a massive surge in demand for cloud services. In tandem, the attack surface for most organizations has also increased. Before the pandemic, some enterprises had moved parts of their IT operations to the cloud, but the major shift experts predicted hadn’t happened quite yet. This all changed with COVID-19 and the shelter-in-place orders.

As organizations add many new cloud-based applications, services and data, cloud traffic is more at risk ever before. The result? According to the recent McAfee “Cloud Adoption & Risk Report,” remote attacks on cloud service targets increased 630% in the first four months of 2020.

Crown Jewels More Exposed Than Ever

How have security and IT team members tasked with supporting and protecting large numbers of new remote workers been impacted? Like their coworkers, security analysts and IT administrators are also working from home. Since many have of these resources have the highest levels of security access, they are the most desired targets of threat actors and are more vulnerable to attack than ever. Yet only 59% of those surveyed by ISACA think “their cybersecurity team has the necessary tools and resources at home to perform their job effectively.”

Threat Actors Having a Field Day

What about criminals and other threat actors? How are they taking advantage of COVID-19?

  • 71% of security professionals in a Check Point Software survey, conducted in April, reported “an increase in security threats or attacks” since the beginning of the coronavirus outbreak.
  • Phishing attacks have more than doubled globally, since February, and increased 600% in some locations, according to NetStar.
    • “Impersonation fraud increased by 30% in the first 100 days of COVID-19,” based on findings in “The State of Email Security 2020” report.
  • 95% of respondents to the Check Point survey said provisioning “large-scale remote access for employees” resulted in increased security challenges, and 56% reported that providing remote workers with “secure remote access” was a “top challenge.”
  • The rise in the use of cloud services adds even more risk, since most security teams lack the required skills to adequately secure cloud environments. 92% of companies reported a “cloud security readiness gap,” in the recent Oracle and KPMG “Cloud Threat Report 2020.”

What Can You do to Protect Your Attack Surface?

Current conditions are increasing your organization’s attack surface and threat exposure. It is more important than ever to have the right security technologies in place to quickly identify and thwart threats.

To protect your organization, you need complete visibility and insight into everything happening on your network. This requires a comprehensive network protection solution that delivers advanced threat detection, prioritized alerting and continuous feedback, and advanced proactive threat hunting.

As this historic year continues to unfold, the only given is that our new normal won’t be like it was before. Despite all the new risks, one thing that won’t change is that security teams will still be required to secure their networks.

*** This is a Security Bloggers Network syndicated blog from Bricata authored by Bricata. Read the original post at: