[BreachExchange] 4 Critical Responsibilities of a CISO Post COVID-19

[Destry Winant]

https://www.cisomag.com/4-critical-responsibilities-of-a-ciso-post-covid-19/

Since the outbreak of the novel Coronavirus disease, organizations
across the globe encountered dramatic changes in their business
operations.  The swift adaption of the work from home strategy has
increased the risks more than ever.  In addition, the ongoing crisis
has significantly impacted the role of CISOs and other security
leaders globally, making them digitally empathetic to deal with new
cybersecurity challenges.

The new cybersecurity priorities post COVID-19 that will become the
new normal for most CISOs, will include:

1. Securing Remote Employees

With organizations working remotely, the security of employees’
devices became a major concern for security leaders across the globe.
There was a rise in the need to secure endpoints,  as multiple access
points from multiple locations are connected to a corporate network.
However, the lack of security in remote work environments exposes
vulnerable devices to potential cyberattacks.  New security policies
have been created and certain permissions are relaxed due to the swift
change  in the remote work culture. Several industry experts stated
that the surge in remote work increased the risks of cyberthreats like
never before. The ongoing crisis forced CISOs to work uphill in order
to meet the risk assessments.

2. Quick Actions Required

The ongoing crisis has forced organizations to go digital, overlooking
potential cyber risks. These sudden developments could lead to
cyberthreats like DDoS, defacements, and data breaches. At this point
in time, it is essential for CISOs to patch the holes in their network
security as quickly as possible.  This indicates that product
research, purchasing tools, testing, developing, and deployment should
ramp up quickly. CISOs across the globe are now looking for security
tools that are configured instantly and easily to prevent new cyber
risks.

3. Tackling New Attack Vectors

The threat actors have reinvented their attack approaches during the
ongoing pandemic. COVID-19-related phishing scams, disinformation
campaigns, weaponized websites, and malware infections have become
widespread across the internet. Recently, a security firm discovered
that threat actors distributed malware disguised as “Coronavirus Map”
to steal personal information that is stored in the user’s browser.
Attackers designed multiple websites related to Coronavirus
information to prompt users to click/download an application to keep
themselves updated about the situation.

In addition, the number of ransomware attacks on remote workers has
also increased in recent times. Ransomware operators are forcing
companies to pay a high ransom in order to get decryption keys.
According to a recent survey, the average enterprise ransom payments
increased 33% ($111,605) in Q1 of 2020 from Q4 of 2019.

4. Security Concerns with Third-Party Applications

Endpoint security at home is not as secure as it is in the office.
Large swaths of remote workers are depending on third-party video
conferencing apps, cloud-based productivity tools, and other virtual
private networks during the lockdown. These are, in turn, exposing
remote workstations to potential vulnerabilities that already exist
within these applications.  Malicious actors are misusing  the crisis
to exploit the loopholes in third-party products and services. Several
privacy and security concerns associated with these apps resulted in
severe criticism and cyberthreats globally.

For instance, the Zoom videoconferencing app  was flagged unsafe due
to its vulnerability to cyberthreats.  Over 500,000 account
credentials of Zoom users are being sold on the darknet. According to
a research, hackers have shared a database containing more than 2,300
usernames and passwords of Zoom accounts on dark web forums. The FBI
slammed Zoom for not maintaining proper privacy and security measures
for its users. The authorities also warned that the video meeting app
is prone to hacking, as it contains certain unpatched bugs.

Conclusion

When employees work from office, they are protected by a strong
security infrastructure that has been put up in corporate network
systems. But when the same workstation is operated from a different
location and different network, it automatically increases the level
of risk.  At this moment, it is crucially important to build an
integrated cybersecurity architecture to secure the remote workforce.
It is certainly a greater challenge for security leaders to monitor
and protect the employees against malicious attacks with new demands
coming in due the changing business model.