An insatiable appetite for digital transformation and cultural change is impacting the threat landscape and pushing cybersecurity boundaries out of the office and into our homes.
We are getting to the point where our demand for home working, access through the Internet of Things (IoT), and operational technology is outstripping our ability to secure it.
The pandemic has also created virtual, physical and emotional challenges that are above and beyond the normal concerns of a security professional. Key challenges include a greater and more determined ability to distract or disorientate busy individuals, making them more susceptible to attack, compounded with being unable to imprint or replicate organisational cybersecurity at home. This often results in people taking unnecessary risks that go undetected until it’s too late.
Although we are gradually moving back towards a more normal working environment, the genie is well and truly out of the secure bottle, and has no intention of going back in. From a cybersecurity perspective, this is being even further stressed as consumer fraud rises.
Sophisticated criminals are increasing their efforts to target the supply chain, with access to the dark web, cheap commoditised tools, and payment methods such as cryptocurrency, making this an ever more attractive route of attack.
Siloed approach
At a strategic level these threats are further complicated by an increasing political and cultural divide between international governments, public bodies, agencies and businesses, all due to the uniqueness of cyber risks.
National and international communities are now often taking a dangerously siloed approach to meet their objectives. Governments are looking at norms in cyber space and global growth; agencies at the intelligence dividend; regulators see only resilience and consumer harm, and businesses tend to focus on immediate risks, rather than wider sector issues.
As the lines increasingly blur between these factors, the borders separating security are similarly becoming more difficult to see.
At a tactical level there is clearly a strong link between working from home and the growth in virtual private networks and remote-working attacks. Cyber threats are quickly gaining in number, typology, persistence and complexity, all of which makes many existing controls and business continuity measures ineffective, often making the speed of post-attack discovery a significant vulnerability.
Basic cybersecurity steps
Despite this, taking some basic steps can make the cyber villain’s task much harder:
- Listen, talk and share
There is lots of free help available for organisations to develop strong cyber security procedures, ranging from enhanced frameworks through to technical guidance. Talk to your peer organisations—good cybersecurity is not a competitive advantage—and find ways to share and exchange information across your sector, industry or even location. If something goes wrong, reach out for help. - Choose a framework
There are many cybersecurity frameworks of various scope and size to choose from, from cyber essentials through to ISO and NIST. Find one that suits your needs and use it. A lot of time and effort has been put into developing these and the best ones are proven to be highly effective in providing guidance and ways to measure your cyber maturity and controls. - Own your digital footprint
Have and leave good “digital footprints”—the information that exists on the internet as a result of an individual’s online activity, set security settings on apps, programs and equipment and conduct a cyber MoT at least once a year. - Back it up
What you produce and own is valuable, more than you realise until it’s gone or no longer accessible. Use the “3-2-1” method—keep three copies of your data, store two copies on different storage media, and have one located off-site. - If in doubt delete it
The majority of cyber-attacks begin with phishing or social engineering. Never think twice about deleting a message or other online approach if it doesn’t feel right. If it’s that important, the sender will follow up again. - Stay up-to-date
Update all machines as patches and fixes become available. Where possible automate the process so nothing gets forgotten, and make sure you get notified every time this happens.
If security was the only thing that mattered we would never be able to connect to a network of millions of potential colleagues, partners, clients and all of the invaluable information that comes with this. Unfortunately this also potentially opens the door to a host of possible attackers, but we can operate in a safe place as long as sensible controls are put into place.
Don’t allow yourself to be the wounded gazelle, lingering at the watering hole as the lions begin to circle. Learn how to stay alert and run with the herd.
Cameron Rogers is professor of cybersecurity at the University of Gloucestershire.