You might think that during a global pandemic when so many organizations were forced to shut down or limit operations that cybersecurity threats would be relatively low. But think again. Instead, this year has seen ever-increasing threats. Kristin Verderame, Director of Government Relations for NetApp, shared her insights on this topic in an interview with GovDataDownload for National Cyber Security Awareness Month. Read on to learn more about why the pandemic has heightened the threat environment for federal, state, and local government agencies.
Earlier this year, COVID-19 put every organization into a tailspin as they scrambled to move remotely. Now, the Center for Internet Security and the FBI have noted that cybercriminals are taking advantage of this time by launching more phishing, ransomware, and malicious attempts to exploit remote work environments. Additionally, insider threats are evolving in this remote environment. This is why National Cyber Security Awareness Month (NCSAM), now in its 17th year, is more critical than ever.
The editors of GovDataDownload recently sat down with Kristen Verderame, Director, Government Relations for NetApp, to talk through the changing threats and the importance of cybersecurity education.
“It’s important to emphasize that while National Cyber Security Awareness Month is in its 17th year, many of the best practices they have outlined over the years are still applicable today,” Verderame stated. “Following the NIST framework and implementing everything from monitoring to patching vulnerabilities and backing up systems is even more important now that we’ve seen a rise in cybercriminal activity.”
While implementing cybersecurity best practices is always a good starting place, this post-pandemic, remote environment requires organizations to stay vigilant in securing systems. “This new remote environment created new opportunities for bad actors,” Verderame suggested. As such, she encouraged organizations to take every opportunity to protect remote endpoints, especially for organizations that provided devices for their workforce. “Employers have the ability to install security tools right on the device and require employees to use a VPN so there is greater protection built into those machines.”
However, in many cases, employees may be using their own end-point devices on insecure network connections, which is where threats are evolving in this new post-pandemic environment. Verderame pointed to three specific areas:
Phishing Attacks:
While phishing attacks are not a new threat, they have become more effective in a remote environment, according to Verderame. Instead of these emails coming from unknown sources, it can look as if the email and link are coming from your coworker. “If you don’t see your coworker every day and you get a random email from them, you can’t go over to them to ask about it. Without our regular connections and conversations, we are more likely to click on a link than we were before.”
Insider Threats:
Insider threats typically occur when employees, former employees, contractors, or other business associates gain access to inside information on the network or system and use it for nefarious reasons. “Insider threats are exacerbated by the pandemic environment,” Verderame observed. “Personal stress levels are elevated in this new environment and that leads to changes in behavior. In a typical environment, HR or a manager may notice changes in behavior, but in a remote situation, it becomes more difficult.”
When an organization is dispersed and remote, it’s easier to miss indicators. Verderame suggested that now more than ever, the responsibility of security must be a shared one throughout the organization. “HR must be a hundred percent integrated into an incident response and cybersecurity plan. It simply cannot be siloed from the security team.”
Ransomware:
The year 2020 has seen a doubling in ransomware attacks according to security researchers. One of the biggest attributes of this spike in activity is insecure networks and devices in a work-from-home setting. Utilizing robust cloud platforms and data management providers that offer built-in redundancy can be a game-changer to protect against ransomware in these remote environments, said Verderame.
This article originally appeared on GovDataDownload on October 13, 2020.
