By, Moti Sagey, Chief Evangelist
The world has changed
The Coronavirus/COVID-19 pandemic has impacted our entire working culture. A recent survey indicates that 95% of security professionals are facing added IT security challenges due to the coronavirus. The shifts were global, rapid, and widespread, including the following:
- Remote work as the new norm—country-mandated lockdowns (different terms describe this depending on the country e.g. shelter in place, isolation etc.) accelerated the transition of employees to work from home, allowing them to access corporate resources through secure access (e.g. VPN). At Check Point Software, for example, in just two weeks, 99% of the organization moved to home offices, for the first time in our history. And this was not a rare example. When asked about this “new normal,” 78% of our employees reported that their productivity was the same or even higher. In a recent Gartner CFO survey, 74% of companies said they intend to shift employees to work from home permanently. The first company to implement this was Facebook, announcing it will permanently shift 50% of its employees to remote work.
It appears this ‘new normal’ is here to stay.
- Collaboration tools use is “zooming” up—with face-to-face meetings no longer possible, people have been using collaboration tools such as Zoom, Teams, and Slack, more than ever before. Zoom, for example, had 10 million daily meeting participants in Dec. 2019 and by April 2020 they reported over 300 million—a whopping 3000% growth!
- Increased pace of digital transformation and move to cloud—A recent survey by Fortune magazine showed that 75% of Fortune 500 CEOs said the crisis forces their companies to accelerate their technological transformation with cloud resources at the top. At the same time, they need to add more elements to support their business operations. This created a— “Just Do it” mindset—as a new, pressing directive for their IT Departments. And as we all know, when projects need to meet the burning demand of connectivity, the inevitable question is—have we cut any corners?
If the answer is ‘yes,’ then your risk posture can be affected. This is a behavior you can ill afford to keep.
New work model heightens security risks
In its insight report on COVID-19, the World Economic Forum found that out of 350 of the world’s top risk professionals, 50% are worried by cyberattacks and data fraud due to a sustained shift in working patterns.
The changes described above produce several elements which influence the risk posture of the organization. Here are the main ones you should consider:
- Social-engineered attacks exploiting fear, uncertainty, and doubt—The World Economic Forum recently reported that the “demand for information on the new virus, accompanied by fear, confusion and even the boredom of confinement, has multiplied opportunities for cybercriminals to deliver malware, ransomware and phishing scams.” Check Point research teams found a dramatic rise in cyberattacks in correlation with the spread of the virus, and an alarming amount of phishing attacks trying to exploit this fear. Covid-19 is not just a virus, it is a major, successful, attack theme.
- The attack surface grew exponentially—With the rush to enable remote access to corporate assets, many companies allowed connectivity from unmanaged home PCs. Many of these computers lack patches, updated best-of breed anti-malware, or any kind of protection. The only “call for duty” these PCs have is the video game carrying that name. Given the restrictions imposed almost globally, many critical services were handled by individuals which were granted remote access to critical infrastructures’ management systems (e.g. water, trains, elevators and traffic lights). Additionally, personal mobile devices are now often allowed access to networks, and many apps are moved to cloud for scalability. However, many Infosec and DevOps teams rushing to the cloud didn’t scale their cloud security posture to the level of their traditional data centers. This gap has created a dangerous opening for hacking and cybercrime. The concerns appear justified. In May, 2020, cyber security researchers saw nearly 200,000 coronavirus-related cyberattacks per week, a 30% increase over prior weeks.
- Employees are now the “CISO” of their house—With the drastic shift to work from home, our living rooms are is now part of the company’s perimeter. Picture your 8-year old with access to your own network and files. In this situation, data is now more fluid. Every company must now rely more on each and every employee to guard the data. Maintaining your company’s previous security policies in this new age of the coronavirus is not viable against the increasingly more potent cyber attacks.
THE PANDEMIC WILL DISAPPEAR. ITS CYBER EFFECT WILL NOT.
The World Economic Forum and Zurich Insurance note, “Technology is enabling the ‘contact-free economy’ through applications such as telemedicine, on-line retail, and social distancing delivery methods such as click and collect. New business and employment opportunities are being created in these sectors, but a greater dependence on technology has also increased cybersecurity risks.”
In its analysis, the WEF warns, “We should prepare for a COVID-like global cyber pandemic that will spread faster and further than a biological virus, with an equal or greater economic impact.” The graphic below illustrates what Check Point Software researchers see as a parallel between the COVID-19 pandemic and the increased chances of a cyber pandemic.
Stay safe. Act now.
The trends of the coronavirus have dramatically changed the way we work, and these changes are here to stay. The accelerated pace of digital transformation, remote access infrastructure, and the rapid move to the cloud—are known trends by cybercriminals. When we change the way we work, we must adjust how we secure our work. Cyber security strategies must be revamped to meet our new reality.
Here are our top tips:
As we all know, vaccination is better than treatment. Likewise, in cyber security, real-time prevention is the key to protecting our organizations and employees from a cyber attack of cataclysmic, cyber pandemic proportions.
Secure Your Everything
Every part in the chain matters. Organizations must revisit and check the security level and relevance of their network’s infrastructures, processes, compliance of connected mobile and PC devices, IoT, among others. The increased use of the cloud means an increased level of security, especially in technologies that secure workloads, containers, and serverless applications on multi- and hybrid-cloud environments.
Consolidation and Visibility
So many changes in the company’s infrastructure present a unique opportunity to check your security investments. Are we getting what we really need? Are we protecting the right things? Did we miss a blind spot? The highest level of visibility, reached through consolidation, will increase effectiveness. You need a unified management and improved risk visibility to your entire security architecture and this can only be achieved by reducing the number of point product solutions and vendors.
Your cyber security solutions must be simple-to-use and easy-to-operate if you want to achieve the best protection. Here is a useful matrix to keep you safe.
|Change||Effect||Risk||Top Process/Technologies to mitigate (partial list)|
|Working from home||Personal mobile and computers provided access to corporate networks||Data breach (e.g. key logger, screen logger on pc/mobile)||1. Implementation of endpoint security and hygiene with compliance check (latest patches, AV…)
2. User training awareness (e.g. phishing simulation)
3. Mobile threat defense on mobile
|Rapid move to cloud||Speed of deployment on the expense of security||Basic security controls can lead to data loss and manipulation||1. Invest in Cloud Security posture management
2. Deploy workload security for containers and serverless apps.
3. Real time prevention of threats with IaaS security
|Critical infrastructure||Allowing critical infrastructure remote access||Critical infrastructure breach||1. IoT security for IoT devices
2. bolster network security posture with red team …
3. OT security with SCADA enforcement
|Increased network capacity||More throughput is needed to address data in motion||Lack of service
Network is down
|1. Invest in network security that scales according to needs
2. All protections must be enabled while keeping business continuity
3. Scalable secure remote access
To summarize, as we’ve all learned in the past several months, in times of crisis, we need to agile and act swiftly. The pandemic will wind down, but its effects are here to stay, and the best way for all of us to stay connected is by being protected. Today’s new reality requires us to continue to change and adapt. With cyber security now considered a business enabler, security executives will play a key role to navigate their organizations safely out the coronavirus pandemic crisis.
To read more what you can do about it with Check Point Security solutions visit our dedicated mini site with pragmatic tips and recommendations.
 “Several crises in one: what effects will COVID-19 have on the global risk landscape?,” by John Scott, Zurich Insurance Group, May 19, 2020
 “What the COVID-19 pandemic teaches us about cybersecurity – and how to prepare for the inevitable global cyberattack,” by Nicolas Davis, World Economic Forum, June 1, 2020