Where to Focus

1. Email Security
One of the largest and most exploited vulnerabilities that an enterprise has is email security. Deploying new devices to try and stop spam and phishing helps; however, technology cannot stop all attacks. We will need to help our users better understand how to recognize malicious emails. Attacks in the coming months will likely appear through a variety of phishing scams, with emails like; ‘overstock on toilet paper - buy here’, ‘low home financing rates, pre-approval’, ‘new work from home policy’, ‘tax benefit - pandemic support’, and the list will go on.
Focusing on providing users with the guidance needed to protect themselves, and how to recognize these attacks, will help reduce company exposure and protect personal assets. Start by setting up a program that offers tutorials and exercises on how to recognize a phishing or spam email. Employ fake corporate phishing emails. Test users on what they’ve learned to help them not only retain the information, but also to give them satisfaction when they correctly identify suspicious emails.
2. Tool Configuration
Many enterprises have the tools in place to monitor and help mitigate attacks. Keeping a closer eye on these rules and alerts will help stop any active attacks. While monitoring what is already in place, review the rules and alerts that are active in the environment. Adjusting them or adding to them as needed can help broaden the types of attacks you are mitigating against.
Instead of relying on an alert to come to a person, assign someone to work in the tool and actively monitor trends and activities. This can help create an early warning for something that could become more serious. Since many of us are stuck at home, and some activities may be lighter due to the lack of in-person meetings, repurposing roles to focus on what our tools are telling us can help give employees purpose and limit exposure.
IT support personnel may be aware of what is normal in your environment. Allowing them to partner with the security team to monitor the tools not only gives them an opportunity to expand their skillset, but also offers a fresh perspective. Having new eyes reviewing dashboards and investigating in these tools (in a read-only privilege group until everyone is comfortable with their skillset) can shine a light on new gaps.
3. Chat
Working from home can be difficult, and people can get caught up in their own personal tasks without regular collaboration. Keeping open lines of communication can bring teams together. When reviewing collaboration tools, make sure there is a secure channel and communication and file-sharing methods are over a VPN or other security tool stack. With more and more of us working from home, these chats are becoming more extensive and frequent. Ensure these communication exchanges are not occurring outside of secured networks. This is especially important given chats are often used to discuss issues or problems and may contain data that is confidential. If an individual team is continually discussing confidential information with one another, having a dedicated and secure video conference line may be a better option.
Prioritizing email security, tool configuration and chat can help you more effectively combat COVID-19 related campaigns waged by an increasing number of opportunistic attackers. The outcome of doing so will result in more secure security operations.
Blog courtesy of Optiv Security. Read more Optiv Security blogs here.