Coronavirus 2019 (COVID-19) has made it more difficult for organizations to fulfill their chief digital security functions. In a recent study from (ISC)2, nearly half (47%) of security personnel revealed that their organizations had reassigned them to perform standard IT tasks amidst the pandemic. This decision limited organizations’ ability to defend themselves against security incidents despite the reports from nearly a quarter (23%) of survey participants that security incidents confronting their organization had increased, as reported by Channel Partners. Additionally, the move arrived at a moment when 81% of professionals revealed that their organizations had categorized security as an essential function during the COVID-19 pandemic.
The findings presented above highlight the need for organizations to direct special attention to their digital security posture for the rest of the year. Many organizations are already working with reduced security teams, so they need to be prepared. I recommend organizations focus their security efforts on three specific trends for the remainder of 2020: Cloud Security, Data Privacy and New Tools/Ways of Working.
57% respondents told Flexera in a 2020 report that Cloud usage had increased in the wake of COVID-19. Approximately a third (31%) said that this usage had increased slightly, while about a quarter (26%) revealed that their organization’s use of the Cloud had grown significantly.
This growth in the use of the Cloud poses challenges to organizations. In its 2019 State of Cloud Security survey, The SANS Institute found the Shared Responsibility Model between Cloud Service Providers and their customers was “very clear” for only about a quarter (27%) of survey participants. Without a firm understanding of their responsibilities, organizations could fail to take appropriate actions to ensure their security in the Cloud. Simultaneously, they might waste valuable time, budget and resources on funding security measures for which the Cloud Service Provider is ultimately responsible.
The challenges don’t end there. In its study, Flexera found that nearly all (93%) of respondents had a multi-cloud strategy—on average, 2.2 public clouds and 2.2 private clouds. Nearly the same proportion (87%) of survey participants said that their organizations had adopted a hybrid approach involving both Cloud-based and on-prem assets, reported Virtualization Review. These types of environments make it difficult for organizations to uniformly deploy security controls across their entire IT infrastructure. In response, they need to find security solutions that will provide sufficient protection across all of their environments, regardless of physical location.
In the aftermath of COVID-19, video conferencing apps saw an increase in use as employees, students and just about everyone else found themselves confined to their homes. ResearchAndMarkets.com uncovered that those tools experienced a record 62 million downloads in March 2020, reported Business Wire. Much of those downloads originated from users who adopted Google Hangouts, Zoom, Microsoft Teams and other platforms as a result of the pandemic.
The problem is that many of those apps could threaten the privacy of organizations’ data. As noted by Palo Alto Networks, a malicious actor could target an organization’s video conferencing calls with a meeting bombing attack. They could remain quiet in an attempt to not draw attention to themselves while listening in on the participants, potentially learning or accessing sensitive corporate data in the process. Alternatively, they could actively phish for this type of information by submitting links to phishing sites within the app’s chat feature.
Acknowledging these risks, it's up to organizations to implement best security practices to minimize the exposure of data that’s discussed/shared during a call. Those recommendations may include protecting their video conferencing calls with passwords and using waiting rooms to screen potential attendees. They should consider disabling file sharing during calls and conduct a verbal roll call once each meeting has begun to weed out unwanted guests. You can learn more about mitigating those risks here.
New Tools/Ways of Working
As teams continue to work remotely, containers give developers the tools they need to share code that runs on a variety of processors. Container Journal shared how containers could continue to revolutionize app development long after COVID-19:
The expectation is that many… will shift to containers to make it easier to update and secure applications running on those platforms as part of the rise of the internet of things (IoT). Rather than having to update entire applications, containers can be ripped and replaced to add new functionality more easily as needed. That approach also makes it easier to remediate application vulnerabilities once they are discovered.
The issue is that containers suffer from their own security issues. They can be susceptible to vulnerabilities, for instance. Alternatively, organizations could be pulling down suspicious container images from untrusted sources, potentially exposing themselves to malware.
Organizations need to protect their containers from these and other digital security threats. StackRox have identified some best practices to help that include regularly scanning their containers for vulnerabilities and pulling down container images from trusted, private repositories only.
Remaining Open to Change
These three trends draw upon the observations of the security community over the past few months and years. Of course, not everything is predictable. In fact, it’s impossible for security experts to know exactly which threats will take form over the next year. It’s entirely possible that one of the developments explained above could become less of a concern for organizations as they shift their budget, time and attention to new threats that weren’t serious considerations just a short time ago.
Acknowledging this, it’s important that organizations stay abreast of how the digital threat landscape is continuing to evolve. The best way they can do this is by making threat intelligence feeds available to their security professionals. These tools will help their teams in their efforts to defend against emerging attacks and malicious techniques. Organizations should also invest in network monitoring tools so that Infosec personnel can leverage insights from their employers’ own infrastructure to craft better defense strategies and measures.
About the Author: David Bisson is an information security writer and security junkie. He's a contributing editor to IBM's Security Intelligence and Tripwire's The State of Security Blog, and he's a contributing writer for Bora. He also regularly produces written content for Zix and a number of other companies in the digital security space.