Hackers rarely let a good crisis go unexploited, and the coronavirus pandemic has proven to be no exception. There has been a dramatic spike in the use of COVID-19 themes by cyber criminals as a way to lure unsuspecting users into downloading malware. But it is critical to remember those attacks may just be the first wave of pandemic-related cyberattacks.
1. Security Basics
Have you conducted an internal security audit?
If no: identify the areas of your organization that need attention, and determine threats, vulnerabilities and sensitive data.
If no: urgently audit your systems to close security holes, and locate and comply with the industry regulations that apply to you.
Do you have an easy way for someone to notify you about a security issue?
If no: put a security-focused email address on your contact page. Follow the security.txt standard to make it easy for researchers to notify you of vulnerabilities they might find.
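An added example, not part of the original checklist: a small checker for a security.txt file against the core rules of RFC 9116 (the standard behind security.txt): a required Contact field given as a URI, exactly one Expires field, and an Expires that is neither past nor more than a year out. The sample file, the example.com addresses and the function names are constructed for this illustration.

```python
# Added example, not from the original checklist: RFC 9116 security.txt checks on a constructed sample.
from datetime import datetime, timedelta, timezone
SAMPLE = """\
# Constructed sample security.txt (example only)
Contact: mailto:security@example.com
Contact: https://example.com/security-report
Expires: 2030-01-01T00:00:00.000Z
"""
MAX_VALIDITY = timedelta(days=365)  # RFC 9116 recommends an Expires less than a year out

def parse_timestamp(value):
    # Expires is an ISO 8601 / RFC 3339 timestamp; Python < 3.11 needs 'Z' spelled as +00:00
    return datetime.fromisoformat(value.replace("Z", "+00:00"))
def parse_security_txt(text):
    """Return (field, value) pairs; comment and blank lines are skipped."""
    fields = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if ":" not in line:
            raise ValueError(f"malformed line: {raw!r}")
        name, value = line.split(":", 1)
        fields.append((name.strip().lower(), value.strip()))
    return fields

def validate_security_txt(text, now=None):
    """Return a list of problems (empty = passes); `now` is ISO 8601 or None (current UTC)."""
    now = parse_timestamp(now) if now else datetime.now(timezone.utc)
    fields = parse_security_txt(text)
    problems = []
    contacts = [v for n, v in fields if n == "contact"]
    if not contacts:
        problems.append("missing required Contact field")
    for c in contacts:
        if not c.startswith(("mailto:", "https://", "tel:")):
            problems.append(f"Contact is not a mailto:/https:/tel: URI: {c}")
    expires = [v for n, v in fields if n == "expires"]
    if len(expires) != 1:
        problems.append("exactly one Expires field is required")
    else:
        try:
            exp = parse_timestamp(expires[0])  # naive (no timezone) values fail the comparison below
            if exp <= now:
                problems.append("Expires is in the past: the file is stale")
            elif exp - now > MAX_VALIDITY:
                problems.append("Expires is more than a year away")
        except (ValueError, TypeError):
            problems.append(f"Expires is not a valid timestamp with timezone: {expires[0]}")
    return problems
```

Serve the file at /.well-known/security.txt over HTTPS and re-run the check before the Expires date so researchers never find a stale contact.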
2. Data Security
Do you know where your sensitive data lives and who has access to it?
If no: automate data classification to locate sensitive files and folders. Map permissions to identify over-exposed sensitive information.
Do you have an audit trail of data access, including who, what, when and where details?
If no: enable file and email auditing options, and leverage a UEBA tool to identify anomalous behaviour.
Do you have a policy to review access to sensitive info?
If no: assign data owners who are responsible for managing access to their own data.
3. Password Security
If no: enforce strong password policies. Require employees to change their passwords every 60 days.
If no: implement it wherever possible, and consider where data transfer between employees might be vulnerable.
4. Account Security
Do you restrict employee access to sensitive info unless needed?
If no: do it now! Limit permissions to only those relevant to each employee's job.
If no: identify which accounts are key targets for compromise and privilege escalation. Employ extra monitoring and behavioral analysis of critical accounts.
5. Device Security
Are your IoT devices secured?
If no: update firmware regularly, disable UPnP, and make sure your devices are connected to a separate network from the rest of the business.
If no: implement a documented policy that covers all smart devices, including wearables, and require employees to automatically update all of their devices that access the network.
6. Endpoint Security
If no: implement a policy to update your data regularly, and make sure your IT department is on top of emerging security threats.
7. Security Policies
If no: the time has come. Train them on cybersecurity best practices, and hold regular seminars to update and refresh their training.
If no: control access to data by granting admin access sparingly, and monitor vendors, contractors and part-time employees.
If no: write a formal security policy into employee contracts and service-level agreements. Enforce, and communicate, the ramifications of breaking security policies.
8. Disaster Protection
Do you have a contingency plan in place?
If no: implement drills to test it and ensure it is viable; review and evaluate your plan once a year to make sure it is up to date.
For any question on the subject, do not hesitate to contact us at contact@ga-political.com