Are you ready to respond to COVID-19 Cyber Threats?
Tips and Best Practices for Overall Cybersecurity
Are you one of the many companies quickly adopting new work approach, including Work From Home/Remote Work, Here is our best advice for maintaining continuity of your business and keeping the bad actors and threats away.
Working remotely is no longer an optional part of your business it is now a business-critical practice. Balance the work delivery with diligence in ensuring security practices are maintained to keep data and systems safe.
You don’t want to keep your employees vulnerable in what is now a mission-critical situation.
Install a Multi-Factor Authentication (MFA)
Credentials stealing and abuse is at the root of most attacks involving remote access services. If possible, make sure your company is using the combination of Multi-Factor Authentication (MFA), Virtual Private Networking (VPN) technology, and MFA for all cloud base services including your office365 and similar cloud services.
Controls in place to Detect and Prevent Phishing Emails
Bad actors are now on verge of using phishing emails as a way to get into your network and employees are getting targeted. Have a phishing reporting mechanism in place, keep educating your workforce not to click any link or attachment, if they are not sure about it. Increasing security controls on your email communication.
Keep Endpoints Updated with latest AV definitions
Make sure that your endpoints are up to date with the latest AV definitions and intrusion detection rules to prevent modern days attacks.
Geo-Fencing Monitoring and Response
If you are not a company that doesn’t have a global presence this something might be interesting to you, have your firewall ready to tackle traffic coming from unusual geo-locations that you don’t have business or employees working from and actively monitoring and block those. Create more sophisticated rules on endpoint IPS and on Network IDS/IPS to monitor and block unusual traffic.
Increase monitoring and visibility across this unique ecosystem including endpoint, network, and cloud services and task cyber protectors with actively seeking threats and re-entry efforts. In combination, this can provide a momentary mitigating control while the company works through the challenge of responding to the event.
Incident Planning in the New Virtual World
You are unquestionably discussing contingency planning as part of your business continuity plans. I want to inspire you to also incorporate cybersecurity contingencies in that conversation.
Do you have a cybersecurity emergency information, management and response plan?
Can you correlate multiple stages of an attack that could lead to a catastrophic event (e.g. ransomware) and neutralize the problem early, before it becomes a disaster?
We know our VTINFOSEC customers depend on us. Our teams around the world are committed to being your cybersecurity partner in this digitally connected world—the larger WE simply cannot allow threat actors to exploit this crisis. Our communities are already fragile, so we cannot tolerate anything that results in additional financial burden, business disruption or patient care risk.
Good cybersecurity practices will carry you through. We will be alongside you every step of the way, protecting the progress of our customers so you can stay focused on being there for your employees and customers.