There has been a panic situation across the world due to a pandemic that has spread faster than a forest wildfire. It has forced everyone to work from home, from entry-level executives to senior officials. This quarantine situation has got quite a few IT and security leaders uneasy. Before this scenario was forced upon us, government officials have largely been conducting their work within the confined space of the four walls, under the supervision of IT and security professionals. With cyberciminals taking advantage of this situation, matters have only gone from bad to worst, not only are they trying to siphon off sensitive data but they are also trying to spread misinformation and to erode public trust.
With government officials also forced to work from home it is highly important to protect and support employees as much as possible, through training, adoption and other security initiatives. Rather than putting together a security initiative at the last moment, government agencies should focus on the following key areas.
The eternal romance between emails and a cybercriminal
Given that the entire workforce of various government agencies have shifted to emails for their day to day operations, cybercriminals have launched increasingly sophisticated attacks through this medium. Threat actors can impersonate a high ranking official, business applications, third-party vendors or even a charitable organization and trick people into sharing their credentials, delivering malware, or sending them money. Virtual mailboxes have been rendered vulnerable due to risky behavior, weak passwords and lack of multi-factor authentication.
Auto forwarding email addresses, owning the rights to more than a few email addresses and having the access of mailboxes of other departments can be deemed as risky behavior. IT and security teams can train employees to proactively secure sensitive information before it could lead to anything bad and monitoring employee’s mailboxes can go a long way into doing that. Being aware of email activity that is not normal can also help reduce spam or social engineering tactics which are common among today’s digital threats.
Realizing, threats can be internal as well.
Cybercriminals are not the only ones who are responsible for data breaches, they can be caused by a current employee as well. Although this doesn’t mean that someone internally does something on purpose but mentioning someone external on an email with sensitive internal information can also qualify as a data breach. The chances of this happening rise exponentially when working in a fully remote digital workspace.
The most common example that leads to such a breach is when employees feel that IT and security professionals are trustworthy and can at times give a higher level of privileges to people who might not need it. This leads to the kind of breach that has been mentioned above, which is not always intentional.
Giving role-based access to only grant privileges that are absolutely necessary to that employee and not just an IT employee is the first line of defense against insider threats. For the non-IT employees, such conjunction with the minimum privilege access policies could help the government agencies to minimize risks and track who is accessing which files to prevent inappropriate sharing of data and other malfeasance.
Basics Instinct – Patch Management.
The most successful breaches that we have seen have been recorded against unpatched or legacy computers. In order to establish proper cybersecurity foundations, it is important to keep operating systems and applications updated. However, we have seen in the past that government workers have devices that are not always updated. Systems are only secure if they are using only updated software and operating systems. The IT department is responsible for keeping software updated along with the antivirus tools that keep the systems and devices protected.
Handheld devices have similar concerns since almost every government employee who is working from home in this crisis is connected to the government network through their phones.
Even though the government may not adopt a remote working program once the pandemic is all dust in the breeze but it can lead to modern businesses adopting such an altered approach to their security plans for sure. It’s easier to manage security needs with some experience when it comes to government agencies. The government to look at this scenario as a pilot to the larger digital transformation that looms ahead of us.
To read more, please check eScan Blog