Staff working from home for extended periods are more likely to forget the security culture that surrounded them when working on-site. In many cases, their computers will not be physically secure, nor will they be configured and maintained in accordance with a Secure SOE. But the real challenge is that these staff will be receiving all manner of COVID-19 phishing emails, and they’re very likely to go web surfing in their spare time, putting them at risk of drive-by and watering-hole attacks.
In the second-last week of March alone, the ACSC and the FBI warned of an increase in credential-theft attacks related to COVID-19. And we saw attackers breach Norwegian Cruise Line, shut down health services in Europe, and begin to release confidential information after knocking an Australian logistics firm out of action with (unsurprisingly) yet another ransomware attack.
Our own tests show that when users do not receive security awareness training, between 60% and 80% will fall victim to a well-crafted attack.
DotSec provides security awareness training, including phishing and reporting, through either your own or our on-line training portal. DotSec’s Security Awareness Courses are customised to include full, customer-specific details so that attendees immediately relate to the information being presented.
All courses are professionally presented, entertaining, and receive consistently positive feedback.
With the increasing numbers of staff working from home, your sec-ops team is now in fire-fighting mode, overwhelmed with configuration and deployment tasks and a huge spike in support calls from the large, newly-deployed pool of work-from-home users.
The attackers will know that the sec-ops team in every organisation is now flat-out just keeping the business afloat, and they’ll know that the next few weeks will present them with the opportunity of a lifetime. According to IBM and the Ponemon Institute, the average time taken to respond to a data breach in 2019 was 279 days, with an average breach cost of nearly US$4M! For local examples, one need look no further than this helpful summary page.
It’s clear that organisations that do not do SIEM well are unlikely to notice a compromise at the best of times, but in today’s now-chaotic world, it’s certain (or pretty close to it) that those businesses will fail to notice an attacker’s activities moving quietly inside the swirling storm. And COVID-19 will not be useful as a mitigating factor when breaches need to be reported on and cyber-insurance assessors begin an audit of the breached organisation’s infosec maturity and adherence to best practices.
DotSec’s SIEM deployments are done at a fixed price and will reduce the likelihood that a system compromise will occur and, should such a compromise occur, the likelihood that it will go unnoticed.
Or, if you prefer, DotSec can manage the whole SIEM infrastructure for you!
As the BAU requirements mount, the focus on longer-term goals tends to slip. In particular, it becomes difficult to prioritise compliance and best-practice goals, even though the risk of ad-hoc and short-sighted decisions increases without a solid security framework.
With just an hour of your time, DotSec can help you to identify areas of risk and reset your priorities by conducting a brief cybersecurity maturity assessment that will give you a quick understanding of where your organisation should prioritise its infosec efforts. We use an independent, industry-leading solution for our maturity assessments to give you peace of mind and comfort that the assessment isn’t simply a DotSec-canned, pre-sales exercise. And perhaps best of all in these work-from-home times, we can complete the assessment remotely using the assessment tool’s on-line dashboard and the Zoom on-line meeting service.
The assessment report is perfect for an executive and Board audience because it is succinct and to the point, with clear summaries and graphics that will allow decision makers to easily prioritise their time, human resources and budget amidst the current noise and confusion.
Working from home at least a few days a week provides a great opportunity for improved work/life balance. Unfortunately, a distributed workforce can be risky from an infosec perspective: many is the time that a general or catch-up discussion has led to the identification of an issue that needs to be addressed, or an opportunity for strategic improvements.
In order to fill this gap at least somewhat, you can request on-line sessions using Zoom that will allow you to chat with our infosec experts about whatever infosec challenges you may be facing.
Aspects of information security such as phishing, awareness training, vulnerability management and SIEM are likely to be highly relevant, especially where an organisation’s remote workforce has grown rapidly and now includes newly-remote employees who are not infosec experts, who cannot be relied upon to maintain systems securely, and who may well be spooked into clicking on just the wrong link because of some alarming (or fake) COVID, holiday or restructuring news.
Please contact us and we’ll book something in.
The CIS Controls are a set of internationally-recognised, best-practice security recommendations developed by a community of information security experts.
The controls are organised into 18 control categories, or security domains (listed in Annex A) and are ranked in terms of priority by their allocation to one of three implementation groups. Implementation groups (or IGs) provide a way for organisations to assess and improve on their security maturity over time.
To help your organisation align with the CIS Controls, DotSec can provide you with specific, actionable recommendations that are practical to implement.
The Essential Eight is a set of eight controls developed by the ASD which are designed to protect (primarily) Microsoft Windows-based, internet-connected networks. Organisations that want to protect themselves against various cyber threats should aim to meet a target maturity level that is suitable for their environment.
DotSec can conduct an assessment of your computing environment with reference to the requirements of an appropriate ASD Essential 8 maturity level. We can then help you to create and/or update and improve appropriate policy, procedure, standards and planning documentation to reflect the improvements that you have made while meeting your target ASD Essential 8 maturity level.
Major compliance frameworks and guidelines (such as the PCI DSS, ISO 27001, CPS 234, and the ISM) and insurance policies recommend or demand that security awareness training be conducted both at onboarding time and at regular intervals after that.