As data security threats multiply, here’s how CISOs should respond

Published December 1, 2020

As businesses all over the world have taken steps toward digitization in the past decade, the amount of data they’re generating has grown exponentially. That data, combined with the latest in machine learning and analytics technology, has turned into a significant revenue driver for many of them. It’s also turned into a prime target for hackers and all manner of ne’er-do-wells. And although businesses have put more effort into keeping their data secure in recent years, the threats they face have only grown.

And then, the COVID-19 pandemic struck and threw everything into chaos. Suddenly, all kinds of businesses were forced to reinvent their operations in a desperate bid to keep working. And without a doubt, that upheaval threw most data security procedures into disarray, to say the least. So now, as the pandemic continues, CISOs in multiple industries face the challenge of securing vast new attack surfaces and minimizing the chances that their employers will suffer a data breach in these unprecedented times.

Here’s an overview of what the current threat landscape looks like, and what data security measures might need updating right away.

A Rising Threat Level

To almost nobody’s surprise, the beginning of the pandemic brought with it a wave of cybersecurity threats. According to the FBI, the number of cybercrime reports increased fourfold at the outset of the crisis. And in the months since, while the number of coronavirus-specific threat reports has waned, the danger that businesses face has not.

Many of those threats revolve around hastily-created work-from-home strategies, which have seen legions of workers using their own personal computers to handle their employers’ data. That shift has opened up a variety of new attack vectors that data security specialists now must contend with. From a lack of data access controls on said personal devices to a patchwork of remote access solutions and communication platforms, it’s a target-rich environment. Here are the specific threats CISOs must focus on.

Developing Situation-Specific Security Training

Although the situation has created multiple major headaches for CISOs, the biggest among them is undoubtedly the need to develop new employee data security training that’s specific to the present situation. And all indications suggest that it’s something that’s still lacking. According to a recent survey by antivirus firm Kaspersky, some 73% of newly-remote workers haven’t received any new security awareness training since the pandemic began. That lack of employee empowerment is a glaring flaw that CISOs have to move to correct – immediately.

Securing RDP and Other Vulnerable Protocols

Another issue that CISOs face right now is finding ways to harden their remote access systems against attack. Of particular concern is Microsoft’s widely-used RDP protocol, which powers terminal servers and workstation remote desktop access. Statistical analysis indicates that there’s been a dramatic spike in brute-force attacks on the protocol since late March. And there’s no sign that the threat is going to go away anytime soon.

In response, CISOs need to make sure to invest in the hardware required to support secure encrypted remote access for all employees. That means getting VPN solutions up and running that can support the required number of users and that can handle the traffic they’ll generate without slowing to a crawl. And while smaller firms might be tempted to cobble together an affordable option using the free VPNs on the market, it’s important to note that securing business data requires complete end-to-end encryption. Since only a VPN that terminates inside their network provides that, there are no shortcuts worth taking here.

Managing Cloud Platform Data Security

The same can also be said of business data spread across a variety of public cloud platforms. According to McAfee, attacks on those platforms have spiked by an astounding 630% in recent months. And within that data, they’ve identified the two most common threats as automated brute-force login attempts and persistent excessive usage from anomalous locations.

To respond, CISOs should take the time to build access control lists to block access to their cloud services from countries where they don’t have any employees. Although this won’t stop the attempted attacks (since hackers have access to VPNs too), it will at least cut down on the volume of threats. To deal with the rest, though, they should tighten user policies to include two-factor authentication wherever possible and to lower lockout thresholds associated with repeated login attempts.
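As an added illustration (not part of the original article), the sketch below replays constructed sign-in events through a country allowlist and a failed-login lockout counter. It shows that the allowlist only removes part of the traffic and that a lower lockout threshold catches the attempts that get past it. The event format, the placeholder country code "ZZ", the allowlist and the thresholds are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample sign-in events: (timestamp, user, source country, outcome).
EVENTS = [
    ("2020-11-30T09:00:00", "alice", "US", "success"),
    ("2020-11-30T09:01:00", "bob", "ZZ", "failure"),   # no employees in "ZZ"
    ("2020-11-30T09:01:05", "bob", "ZZ", "failure"),
    ("2020-11-30T09:01:10", "bob", "ZZ", "failure"),
    ("2020-11-30T09:02:00", "bob", "US", "failure"),   # same guessing, now via a VPN exit
    ("2020-11-30T09:03:00", "bob", "US", "failure"),
    ("2020-11-30T09:04:00", "bob", "US", "failure"),
    ("2020-11-30T09:05:00", "bob", "US", "failure"),
    ("2020-11-30T09:06:00", "bob", "US", "failure"),
    ("2020-11-30T09:07:00", "bob", "US", "failure"),
    ("2020-11-30T09:30:00", "carol", "US", "failure"),  # ordinary typo
    ("2020-11-30T09:30:20", "carol", "US", "success"),
]
ALLOWED_COUNTRIES = {"US", "CA"}  # assumption: where the company has staff

def evaluate(events, allowed, threshold, window=timedelta(minutes=10)):
    """Return (geo_blocked, locked_out) for a list of sign-in events."""
    geo_blocked = []               # events the allowlist ACL would reject
    locked_out = {}                # user -> timestamp the lockout would trigger
    failures = defaultdict(deque)  # user -> failure times inside the window
    for ts, user, country, outcome in sorted(events):
        when = datetime.fromisoformat(ts)
        if country not in allowed:
            geo_blocked.append((ts, user, country))
            continue               # rejected at the ACL, never reaches login
        if outcome == "success":
            failures[user].clear() # a good login resets the counter
            continue
        recent = failures[user]
        recent.append(when)
        while when - recent[0] > window:
            recent.popleft()       # forget failures older than the window
        if len(recent) >= threshold and user not in locked_out:
            locked_out[user] = ts
    return geo_blocked, locked_out

if __name__ == "__main__":
    for threshold in (10, 5):      # a lax setting next to a lowered one
        geo, locked = evaluate(EVENTS, ALLOWED_COUNTRIES, threshold)
        print(f"threshold={threshold}: geo-blocked={len(geo)} locked={locked}")
```

With the threshold at 10 the attempts relayed through an allowed country never trigger a lockout; at 5 the account locks on the fifth failure, while the single mistyped password does not.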

The Bottom Line

The reality here is that the pandemic isn’t creating any major unknown data security threats – yet. What it is doing is turning known threats into tidal waves of attacks that can easily overwhelm the disrupted defenses of businesses. But by taking the right steps to thwart the major attack vectors identified here, CISOs can at least buy enough time for their organizations to get their bearings in this new security environment.

That should give them the ability to hunt down whatever business-specific threats they may be facing and to address them in a calm and thoughtful manner. And with some luck, they’ll emerge from the other side of the crisis in even better security shape than they started in – turning a net negative into a bit of a positive, at least.