How are IT Security Teams preparing for the effects of COVID-19?
COVID-19/Coronavirus Cyber Security Checklist
- Do you have a Cyber Security Incident Response Plan?
- Do you have a SIEM in place that is configured, with false positive alerts filtered out, and are you actively receiving, responding to and mitigating/addressing alerts?
- Do you have a SOC team that has experience in resolving cyber security alerts?
- Do you have your data backed up so that you would be able to rebuild from unaffected backups?
- When was the last time you confirmed this?
Situation
- Companies are closing down offices and having employees work from home to contain the spread of COVID-19.
Problem
End users are the weak link for phishing attacks. As companies close down offices and have employees work remotely (many for the first time), they have no control over the network their employees are logging in from.
Hackers will use this to their advantage:
- Employers have no control of the internet their employees are signing on from:
- Are they logging on from their home or a public network at a Starbucks?
- Is their home network secure?
- Who else has access to their devices? (For example, the customer at Starbucks who says they’ll watch your laptop for a minute.)
- End users often have sticker logos, backpacks and zip-ups that let everyone know the company they work for and give an idea of the customers they work with.
IT Security Threats of Social Isolation
- If an employee gets a suspicious email, they often turn to the person next to them to see what they think. They can’t do that at home, or they may forward the infected email on to others.
Hackers will craft email subject lines to their advantage to get employees to open emails and click links.
- EXAMPLE: ABC Company COVID-19 Update - Open Immediately
- “ABC Company will be initiating an alternating work from home policy. We will rotate the number of employees in the office at all times. The schedules will be effective immediately, if you are working from home today, finish the remainder of the day at home. Individual managers will be responsible for setting up team meetings. Please click the link below to find out what days you will be working from home vs what days you will be in the office.”
Take Immediate Action
AIS Managed SIEM - 90 Day Response Solution for COVID-19
- AIS provides a turnkey service for businesses with real-time analysis of data sources (O365, Firewalls, etc.) that looks for patterns of suspicious activity and alerts on potential security risks.
- Features:
- SIEM deployed in 24 hours with immediate alerting; no setup or configuration required
- 90 Day Term
- Two data sources included (Firewall and O365); additional data sources extra
- Up to thirty (30) days log storage retention per 100GB ingested and retained
- Price $4,200
Email Becca@aislabs.com.