CYBERSECURITY IN THE AGE OF COVID-19
Updated: Jul 17
HOW THE PANDEMIC ERA HAS RESHAPED THE SECURITY LANDSCAPE
During the novel coronavirus pandemic, senior leadership for firms across the globe are grappling with an emerging security vulnerability: threats caused by a rapid expansion of a distributed workforce due to COVID-19. As employers have increasingly relied on personnel working from home to help combat the spread of the virus, the one-size-fits-all security practices have failed to reduce data breaches and ransomware activity, as well as spot compromised environments, as attackers move unnoticed and laterally within them. More than ever, senior leadership must consider cybersecurity when making profitability and growth decisions; sometimes, however, they lack a full understanding of how cyber risk can affect their business.
To respond to this new normal, senior management is placing more weight on security and risk management, spurring an unprecedented, more aggressive leadership style that demands greater effectiveness from their security apparatus. Boards of directors, for example, regularly examine and ask key questions about their firm’s security posture. An industry study, however, noted that those who are equipped to solve pressing cybersecurity problems are in high demand but short supply, a shortage that continues to be a problem for companies in all industries and of all sizes. As a result, more companies are turning to outside experts for a greater insight into how to survive a more hostile cyber environment with a workforce that is unprepared to work remotely.
From Sovereign’s perspective, it is not just for the lack of cyber risk awareness at the C-suites and boards of directors’ levels, as has been reported. Our experience shows that much of the problem involves the scarcity of dependable insight and the proliferation of half-truths in the form of “public information.”
As employees are increasingly working from home, security practitioners are asked to fortify their organizations beyond their companies’ cyber perimeters. Of course, network and data security for a remote workforce is not a new challenge. The exponential growth, however, of the organizations’ information system topography due to the unexpected expansion of a distributed workforce has amplified these challenges. Poorly defined rules and regulations for working from home have also affected cyber incident reporting by end users, such as data breaches.
To respond to threats and vulnerabilities emanating beyond the clients’ cyber perimeters, Sovereign Intelligence utilizes state-of-the-art artificial intelligence to analyze a firm’s risk anomalies across the entire public Internet domain to include the darknet, file-sharing networks, social media and geolocation datasets. Sovereign’s proven capability tracks and analyzes Command and Control (C2) infrastructure designed to discreetly manage unauthorized key-logging, screen-logging and other malware used to compromise clients’ domains and network assets. Sovereign also deploys advanced technology to search the Internet for poorly-secured third-party databases storing customers’ private data. Sovereign provides both insight regarding vulnerability attributes and threat information to help clients secure their information systems and comply with data-privacy regulations.
We have learned from the post-COVID state-of-business period that choosing a proven capability to illuminate indicators of threat vectors targeting organizations, resulting in, say, loss of intellectual property and third-party vendor risk is vital for the health of the organization. Equally so, to be more prepared to 1) explain the business impact of risk management decisions backed by real evidence; 2) outline and address weaknesses or gaps; and 3) provide effective mitigation plans, it can only help CISOs when they are armed with insightful intelligence backed by proven technology.