For the last few weeks, Cybereason has been going through a transformation, like many other organizations across the world. Our team of security experts has been hard at work adapting to this new situation, but we’ve also tried to take it as an opportunity to help our customers and the community. That’s why we have created an entire webpage dedicated to free resources around maintaining secure business continuity. And today, we are releasing a guide with perspectives from veteran security professionals on how they think about security in the time of remote work.
Download the guide here any time. To learn more, check out the excerpts below, which are elaborated on within the guide by each expert.
For years we’ve heard in information security that “the perimeter is dead,” but now is the time that we test it. The IT perimeter definitely exists; we can point to firewalls and DMZs and a loose correlation in most companies between some types of digital assets and the physical boundaries of the company. But the notion that the perimeter can stop serious, advanced attacks has long been put to rest. The real test now is if the business can survive outside of the perimeter, immediately, and if so, how to secure it.
Older companies in particular have some functions in G&A, operations, manufacturing and other key functions that are still very much tied to physical locations and to older IT stacks that even when IP-enabled are still only allowed local access and interaction. ERP systems and some mainframe applications are good examples of this; it’s not that they can’t be enabled for remote access but rather that many have not been allowed access from beyond the perimeter.
There are three simultaneous problems to solve for any business faced with frightened employees or with customers and partners who don’t want to meet face-to-face. These are:
In our new guide, we address these one-by-one. But first, keep in mind that you don’t have to remove all risk. The golden rule is that companies exist to take acceptable risk for acceptable return on behalf of their shareholders.
- Sam Curry, CSO, Cybereason
Transitioning to 100% remote also affects the agility of the IT and security departments. Unfortunately, hackers often take advantage of global incidents to find new ways to attack. But now, defending against these attacks becomes more complex. No longer can an employee with laptop issues hand their laptop to IT and get a loaner. Realistically, IT may not even be able to ship a laptop to an employee in a reasonable timeframe.
Further, there are a lot of risks around enabling rapid support requests. Prioritization must come into play, and first and foremost, baseline operation needs to be successful. Every organization should maintain a local stock of computers that are configured and can easily be shipped to an employee in the event of an incident. The best way to approach this is to simultaneously implement strong computer hygiene to ensure users don’t install malicious software or take unnecessarily risky actions. Use a monitoring solution that monitors from the endpoint, instead of the network, like an endpoint security solution. Endpoint security solutions give visibility into malicious actions on the machine itself, remotely or on site, not limited to the network activity. Reducing risk comes from implementing a combination of security measures.
- Yonatan Striem-Amit, CTO, Cybereason
Don’t panic. This is perhaps the most important advice I can give. If you decide that your organization is switching to remote work, go over the checklist rationally and slowly. Make sure that all of your security systems (physical and electronic) are properly configured, VPNs are patched, passwords are secured and rotated.
Spending an extra few hours or even a day going through these processes can save a lot of valuable time and money in the long run. While times of crisis are strange, stressful and new to us, technology allows us to overcome the challenges and fears that we have, as long as we remain calm and apply a good amount of thought.
- Amit Serper, VP of Security Strategy and Principal Researcher, Cybereason
Download the complete guide below.
Cybereason is dedicated to partnering with Defenders to end attacks at the endpoint, in the cloud and across the entire enterprise ecosystem. Only the AI-driven Cybereason XDR Platform provides predictive prevention, detection and response that is undefeated against modern ransomware and advanced attack techniques. The Cybereason MalOp™ instantly delivers context-rich attack intelligence across every affected device, user and system with unparalleled speed and accuracy. Cybereason turns threat data into actionable decisions at the speed of business.
All Posts by Cybereason Team
Cyberattacks by groups supporting Russian interests have been observed, but experts have noted that we likely have not seen the full potential of a Russian cyber offensive yet. A panel of experts will explore the increased risk stemming from the conflict in Ukraine...
Things escalated even further in June of 2021, when public sector entities experienced 10 times as many ransomware attempts as organizations in other sectors, an increase of 917% year over year...
