Defending against foreign adversaries and eCriminals
By Shawn Henry, President of CrowdStrike Services and CSO, CrowdStrike
When we began 2020, the threat landscape had already changed significantly from the same time last year. We saw from the CrowdStrike 2020 Global Threat Report that the eCrime ecosystem continues to mature and evolve, while nation-state adversaries are more relentless than ever. In the wake of the COVID-19 crisis, the threat landscape is once again on the precipice of a paradigm shift. Both eCriminals and nation-states are exploiting people's fear surrounding coronavirus by using social engineering campaigns to steal data and financial information.
With the vast majority of the workforce now working remotely due to shelter-in-place mandates, the door has been opened to a whole new world of vulnerabilities to be exploited — insecure public WiFi networks, outdated and unpatched personal devices, noncompliant user access and permissions, and more. Additionally, businesses will begin reassessing operational expenditures to stay afloat through the health crisis, which may unfortunately lead to employee lay-offs or furloughs. Those threats are a challenge to detect, prevent and investigate, and without proper security measures in place these events can put sensitive company data at risk. There are three steps companies can take, however, to ensure they put their best foot forward in mitigating risk during these tumultuous times.
The key to securing a remote workforce is the cloud. The cloud gives security teams visibility across the company regardless of the number of home offices now comprising the workplace. It allows the team to remain agile when responding to incidents, enabling them to immediately deploy solutions to compromised devices and monitor from afar. Lastly, the cloud drastically simplifies security compliance across all devices — both personal and professional — as security teams can deploy patches and access permissions from the safety of their own homes.
At the end of the day, though, humans know humans best, so a team of threat hunters — whether internally staffed or externally contracted — is a must-have in this world of remote work in order to cover your bases. These teams of threat hunters can detect "living off the land" techniques and ill intent by using advanced endpoint technology and big data analysis to identify nefarious acts.
Protecting a company from malicious threats goes beyond the sole responsibility of the IT security team. As C-suites and boards of directors find ways to protect the bottom line while navigating their newly remote workforces, there needs to be a united front across IT, human resources and other business unit leaders. These business unit leaders must partner to strategically inform and educate their boards of directors. This education must include, among other things, the growing and evolving risks which require adequate investment in security practices, tools and resources necessary to protect a company.
The COVID-19 crisis is uprooting normalcy in day-to-day business as we know it. However, that doesn't mean the capabilities you put in place to protect your business are lost in the wind. With the proper technology, people and processes, businesses can achieve and maintain a solid front of security against threats.