By Alain Penel, Regional Vice President – Middle East, Fortinet
2020 was one of the most unpredictable years in the history of cybersecurity – and also one of the most vulnerable. We saw spikes in cyberattacks against remote workers, online classrooms, and workplaces as networks expanded due to a widespread shift to telework – something that nobody could have fully anticipated or prepared for. CISOs had to rapidly adjust their security strategies to these increased threats and new work realities, with little room for error.
There have been ups and downs, but no tough moment comes without a much-needed lesson learned. With that in mind, here is a recap of some of the most important cybersecurity lessons in 2020 that CISOs can (and should) learn from.
Common Threats Gain New Life
There were two main effects the pandemic had on work environments in 2020 that led to increased phishing and malware attacks. The first was the increase in employees working from home, often on personal devices with minimal security. The second was that human emotional vulnerability, which phishing attacks have long relied on, was amplified by stressors related to the pandemic and the shift in the work environment. The 2020 Remote Workforce Cybersecurity Report showed that nearly two-thirds of respondents saw an increase in breach attempts, with 34% of those surveyed having experienced a breach during the shift to telework.
Unsecured Home Networks: Within the confines of a corporate office, company IT infrastructure can be more easily safeguarded against threats. But more people working from home introduces personal computers, tablets, and phones, as well as various internet of things (IoT) devices on home networks into the larger corporate network. This creates a host of vulnerabilities bad actors can exploit that they did not previously have access to.
Social Engineering: Phishing has long relied on social engineering tactics geared toward exploiting the weakest link in a network – humans. Appealing to intense emotions makes it much more likely that someone will click on a link that leads to a malware attack. In addition, cyber criminals are now making use of basic artificial intelligence (AI) and machine learning (ML) to refine their traditional “spray and pray” tactics. By measuring which types of attacks, which messages, and which links and attachments targets were more likely to click, cybercriminals have been able to modify and optimize phishing emails to ensure maximum impact.
Reflecting on Critical Cyberthreat Trends from 2020
While the pandemic is identified as a driving factor, other new threats have emerged as well. Key takeaways for CISOs include:
- The coronavirus led to pandemic-themed phishing attacks and scams that employees should be made aware of.
- Web-based malware used in phishing and other attacks also increased. While this was on the rise prior to the pandemic, as more people surf the internet from home devices these types of attacks are gaining a stronger foothold.
- Consumer-grade routers and IoT devices were a common point of exploitation due to an increase in employees working from home and connecting to the enterprise network from personal devices.
- Currently, 2020 is on track to shatter the record for disclosed vulnerabilities, though the ratio of vulnerabilities with active exploits still remains low.
Solutions for Structuring a Secure Telework Business Model
Lessons learned during the early days of the pandemic can inform solutions for secure telework moving forward. In addition to critical baseline solutions many teams implemented when remote work first became widespread in 2020, CISOs should plan for additional security solutions in their 2021 strategies and include taking the following measures:
- Multifactor authentication (MFA) provides another layer of protection as it requires additional verification of end-users.
- Endpoint detection and response (EDR) is another critical security factor that provides proactive identification of threats on endpoint devices.
- Particularly useful for networks with IoT devices, network access control (NAC) allows users to view all devices on a corporate network and control them using dynamic and automated responses.
- With a Secure SD-WAN solution, companies can rapidly and securely choose the best communication path for their users at any given time. This strategy supports the changing communications patterns of remote workers, especially as telecommuting becomes more commonplace.
Create a Human Firewall by Educating Remote Workers
While implementing a robust security strategy may lay the foundation for safe remote work, it is important to note that the human factor has long been the weakest link when it comes to protecting against phishing and malware attacks. Information security awareness training can help CISOs ensure their employees become more cyber aware. Building a human firewall by sufficiently training remote workers creates a critical line of defense against attacks. By prioritizing training and collaboration between departments and the security team, CISOs can lay the groundwork for a strong culture of security.
Building a Culture of Security
The shift to remote work has created a more complex security landscape that will require significant focus and resources moving forward. One of the biggest tasks ahead for CISOs in the coming months and years is going to be to work closely with other parts of the organization to instill a real culture of security. Adaptability, innovation, and open minds are key.