Learn more about the role infosec plays in keeping businesses running smoothly and resiliently in the face of this global health crisis.
In these times of the COVID-19 crisis, businesses must go back to the basics. That means understanding how to provide best-in-class customer service, taking care of their employees, ensuring robust information security, and being resilient to this disaster. These all revolve around making sure that your business continuity is up to snuff. While it is possible that you may not experience any disruption, you might as well plan ahead.
In the pre-coronavirus days, business continuity usually involved conducting disaster recovery drills. It also meant setting up duplicate data centers to activate if the main data center became unavailable. Those days are behind us now. Not to be alarmist, but we are living in different times, and we have to think of continuity in a new light. The notion of having a “headquarters” staff working “on your network” takes on a different meaning.
In my blog post on 17 March 2020, I outlined what my journey was like toward supporting this new working environment. But building a resilient business is a lot more than just figuring out how to set up a VPN and produce a few web conferences.
Key Steps to Strengthen Your Cyber Resilience
Continuity ensures your processes, applications, and data remain intact, regardless of internet connectivity or server issues. Do you even have a current list of your business-critical applications? Probably not. Just look at any number of the ransomware victims over the past year. How many of them couldn’t get their systems restored because they never backed up systems they had forgotten about? We are operating on a larger scale, and that means solving potentially more complex problems.
As I mentioned in my blog post on 21 October 2019, last year we discovered a network intrusion we called Abiss that began in May and wasn’t recognized for several months. Granted, this was a very sophisticated attack designed to elude our tracking systems. Although no customer or sensitive data was compromised, it prompted me to review all our monitoring systems. We redesigned them to improve response times for future intrusions. Additionally, we are taking several other steps to become more proactive and enhance our resilience for better continuity.
These include:
- Make sure your network and your employees can support remote working. I am noticing that a lot of companies have not sized their connectivity for remote working to encompass their whole workforce. The resulting stress on their network inhibits remote working. Just as challenging: if it fails, do your employees have sufficient bandwidth to do their work?
- Make sure your team is ready to work remotely. I am also seeing a lot of end-user challenges. People lack the right software and don’t know how to access their applications. They are also unfamiliar with remote working protocols for VPN use, authentication, and application access.
- Improve phishing awareness education and training. One phishing email can bring down an entire network: it takes only a few milliseconds to misjudge an email, and malware has found its way to one of your endpoints. We have put together our awareness training, and we do it often. This is because we know our environment best and we can easily create very believable emails that can serve as a teachable moment for our staff.
- Teach your staff to think like hackers. The more your staff can understand how a hacker thinks and tries to worm their way into your network, the more resilient you will be.
- Gamify learning. We have to make learning about cybersecurity fun rather than a chore. This means your staff will be more motivated to widen their knowledge and understanding of the issues. Not everyone is a cybersecurity specialist, nor wants to play one on TV. I also try to give our people tests sparingly — such as only when they have completed our training courses to see if the knowledge has stuck with them.
- Build a functional security operations center (SOC), not just a stage set. A SOC should support your people, not have ten thousand screens that are pretty to look at but that say nothing. The utility of a SOC is to be able to provide subtle clues that something is wrong with your infrastructure. As an example, you may still have firewall rules that allow malware to enter your network. Whether you run your own SOC or outsource it, its capabilities should match what is going on across your network. Critically, your SOC also needs to be remotely enabled.
The Ongoing Journey to Cyber Resilience
Improving your business resilience is a journey, not a destination. If you take the steps above, you can improve your cybersecurity and help ensure your business will not only survive but thrive in the future.
By: Jaya Baloo, Guest Contributor