The work from home era has changed how employees around the world go about their daily work tasks. As many of us continue to swap our offices for our kitchen tables and spare bedrooms, how organizations approach cybersecurity needs to adapt to this new normal.  

The SolarWinds Attack Showed Us Why Cybersecurity is So Vital 

The SolarWinds attack, first discovered by FireEye while they were investigating their own breach, rocked the cybersecurity and technology industries to their core. This widespread and damaging attack has really driven home how damaging state-sponsored attacks can be.  

This widespread attack targeted both private businesses and the upper echelons of the US Government, including the Department of Homeland Security and the Treasury Department, and served as a wake-up call for many organizations. State-sponsored attacks are a huge threat that can have devastating consequences, so why in 2020 and now 2021 are many organizations approaching both their security posture and their business, in general, the wrong way? 

Common Mistakes Organizations Make  

ChannelBytes sat down with Erin Logue Smith, a cyber and compliance specialist at Dell, and Ned Engelke, the CTO of EVOTEK, to find out what common mistakes they see businesses making and how organizations can increase security in the work from home era.  

During our interview, Ned shared with us two common mistakes he has seen more than one of EVOTEK’s clients make recently: a siloed approach to business and an overreliance on point products and tooling. 

The Dangers of Silos 

A siloed approach to business often creates an adversarial relationship between an organization’s various key pillars, including the security group. Since security plays such a fundamental role in any IT approach or software project, all organizations need to be incorporating security best practices throughout the organization. This includes making sure any source code you are incorporating from the public domain has been thoroughly audited and is not compromised.  

The SolarWinds hack was so far-reaching because the malicious actors behind the attack were able to upload malicious code into the company’s Orion system, which is widely used by companies to manage their IT resources. As such, the 33,000 customers that use Orion were all compromised as part of the attack. 

To prevent silos from forming, organizations need to approach their cybersecurity posture robustly and holistically. Not only will a holistic approach improve security, but it also improves efficiency by improving inter-departmental communication and helping support business goals and initiatives.   

When Overreliance Leaves Your Organization Vulnerable 

The other common mistake Ned frequently encounters is an overreliance on point products and tooling. One best practice all organizations should be following, regardless of what threats you are trying to mitigate or contain, is to approach your security with both defense and depth. 

By going back to basics and identifying what exactly your goal is and what steps you need to take to achieve that goal, you can help your organization create a robust, streamlined security posture designed to meet your organization’s specific needs. In Ned’s experience, an overreliance on point tooling tends to move organizations away from their security goals, not towards them, putting them in a more vulnerable position. 

Work from Home Has Exponentially Increased the Attack Surface Area 

As the SolarWinds attack demonstrated, a vulnerability in your supply chain can have devastating consequences. Avoiding silos and assessing each item in the supply chain is crucial for safeguarding your organization and its digital assets. 

In Erin’s experience, many organizations have failed to factor in the pandemic’s effects on work when they are assessing their cybersecurity posture. Many organizations act like nothing has changed, even as remote work (and the security risks it brings) continues to be the new normal. 

Though some organizations are taking steps to adjust, too many find themselves playing catchup as they try to secure their remote workforce after work has already shifted out of the office. As such, many organizations still don’t have the necessary tools and strategies in place to support a distributed workforce that has traded their secure, workplace-based work environments for potentially less secure home environments. 

Work from home has also brought with it a myriad of distractions as parents juggle their own workload while simultaneously supporting their children’s’ distance learning efforts and pet owners deal with pet-based interruptions. The elephant in the room is that these distractions, and all of the other changes work from home has brought, are the new normal. Organizations need to embrace that and change their approach to security accordingly. The threat hygiene landscape has changed dramatically, and all organizations need to update their cybersecurity resiliency programs to meet these new requirements. 

Both Erin and Ned have seen a marked rise in the number of email-based phishing scams targeting their customers, and unfortunately, some workers are falling for them. A lot of security breaches are occurring because workers are distracted and end up clicking on things they would never have dreamed of clicking on prior to the pandemic. 

You can’t protect your organization without educating your employees and making sure they know what steps they need to take to help keep your organization secure. 

EVOTEK, in particular, has seen a significant increase in attack surface areas as people who are used to working in secure office environments and connecting only to their core data center where everything (including their network, the assets running the applications, and the stored data) was highly secure. Now, these same individuals find themselves working at home and are wholly unprepared to handle the transition from a security perspective. 

Phishing Scams are On the Rise, & Workers Are Falling for Them 

EVOTEK was recently targeted by a phishing scam: An email was making the rounds claiming to be from EVOTEK’s CEO that tried to trick recipients into clicking on malicious links. As such, EVOTEK has taken the time to invest in updated cybersecurity training for all employees. This includes teaching employees to check return addresses carefully and pause for a minute and ask themselves if the CEO (or another trusted sender) would actually ask them to do something like the sender is asking them to do.  

Phishing scams where the sender impersonates the CEO appear to be on the rise as ChannelBytes recently had a client that was targeted as well. In the email, the “CEO” of the company asked recipients to click a link and buy a large number of gift cards from a specific store. Even though this request was completely out of character for the CEO, a few workers fell for the scam, causing a lot of problems for the business. 

What Steps Can I Take to Improve My Organization’s Cyber Resiliency? 

If one positive thing has come out of this pandemic and the sudden shift to work-from-home, it is that it has increased security awareness among non-security professionals. As workers continue to work from home, they are becoming more security aware, and many workers and the organizations they work for are now actively working to improve security for remote workers, strengthening their organizations’ cybersecurity posture on all fronts. 

Improving cyber resiliency should be a top priority for any organization. To learn about other steps your organization can take, please consider watching our interview series with the Dell and EVOTEK teams.