The COVID 19 crisis has disrupted business operations and technology initiatives around the world. The new normal has forced many enterprises and organizations to allow their employees to work from home. With businesses operating indoor since the lockdown announced in March, there has been a steady increase in the number of coronavirus-related spear-phishing attacks and the threat is growing rapidly.
Phishing campaigns are expected to be responsible for 93% of email breaches as there has been a spike in a variety of phishing campaigns that are taking advantage of the heightened focus on the pandemic to distribute malware, steal credentials, impersonate brands, and infiltrate business data.
Digital transformation has been helping organizations become more agile, cost-effective and productive for years. But since the advent of the pandemic, it has provided a major driver for many in India to switch to digitalization.
While organizations are riding a wave of digital transformation to support the shift to remote working, many have been impacted by major security concerns that have emerged. Despite this, security has taken a back seat in many organizations due to budget and resource constraints.
A recent report by Barracuda revealed that 53% of organizations in India do not have an up-to-date security strategy or solutions covering all the vulnerabilities posed by remote working, while 71% admitted to not paying attention to cybersecurity in the shift to this mode of working.
As promptly as India has digitized its working business scenario online, businesses are required to take up cyber security as a key self-responsibility to avoid causing reputational and financial damage at a time when most companies can least afford it. This highlights the need for organizations to prioritize spending on critical controls, whether that involves consolidating vendors, investing in SaaS-based solutions and collaborative tools, or assessing how automation could help free budget and resources for security.
It is critical at this stage considering that the employees working remotely may often be distracted, coupled with a lack of protection on home devices and networks, making them more susceptible to accidentally sending sensitive information to the wrong people. As per Barracuda’s research report, 66% of Indian organizations reported at least one data breach or cyber security incident since shifting to remote working, with 67% reporting that employees had experienced an increase in email phishing attacks.
The research report clearly indicates that cyber mafias can target any endpoint that is less protected and the pandemic will continue to intensify the threats. But every threat can be translated into a learning opportunity for the enterprises that can allow them to adopt new strategies to evolve their technology infrastructure for any upcoming challenges or global crisis. While organizations can deploy cloud-enabled security solutions to protect their email domain, networks, data and applications, they will have to emphasize on a dedicated culture of security to safeguard all their entry points from the attackers.
To start with, enterprises must secure remote access with firewall to ensure remote users can securely access their network resources and they are following best practices for remote access security. With secure remote access, the traffic is encrypted and there is no unauthorized exposure of user credentials or other sensitive data. This allows the authorized user to access network resources from wherever they have an Internet connection. Meanwhile, business owners must restrict the use of weak passwords and urge their workers to regularly update their login information. They must also refrain from giving the workers access to data for nonessential purposes and deploy an AI-based solution to keep up with the most sophisticated attacks like dangerous hacking vulnerabilities, ransomware, or other malicious activity from a third-party source.
Organizations can also micro-segment their network to build several boundaries for the attackers to cross before gaining access to another subset of data. These frontiers are created to only allow the minimum necessary services. As traditional techniques are no more enough to provide adequate data protection, organizations are increasingly making move to cloud-hosted email and considering cloud email security deployments. They provide comprehensive, cost-effective, scalable protection for all Office 365 data.
Cloud email security can not only optimize email protection for those using Microsoft Office 365 or other cloud email providers but securely backs up email, contacts, folders, schedules, and tasks, along with the OneDrive for Business, SharePoint, Groups, and Teams data, to the Cloud Storage.
In yet another report released by Barracuda titled Secure SD-WAN: The Launch Pad into the Cloud, it was found that a fully-integrated, secure SD-WAN is the preferred technology solution for 90% of organizations in India as it can help overcome the top two security challenges organizations are facing when it comes to public cloud: lack of access control and backhauling traffic.
Identifying the need, a new secure SD-WAN service was built natively on Microsoft Azure by the leading cloud-enabled security solutions provider. Since remote working has become the new normal, this solution can replace costly, inflexible network connectivity circuits, and the entire network can be dynamically sized to match current traffic workload, which can optimize network performance and minimize cost.
Read more: Cyber Watch: Another Ransomware in Shipping Indicates High Time for Stronger IT
Finally, organization must pay attention to the increasing threats of phishing. Cybercriminals design sophisticated attacks such as business email compromise (BEC) attacks to bypass email gateways. Leveraging AI-based solution helps to identify unusual senders, requests, and other communications will help detect BEC attacks and other fraud. It is also important to provide user education by engaging their workforce in cybersecurity awareness training. This will enable employees to recognize messages that come from outside of your organization and are aware of the latest tactics used by cybercriminals.
The pandemic has indeed accelerated cyber adoption in Indian enterprises, with steps for future defined by innovation and new-age technologies. That said, the cybersecurity industry has never had a more crucial role to play than keeping mission-critical organizations and enterprises safe from targeted cyber-attacks during the COVID-19 pandemic.
Murali Urs
Guest contributor Murali Urs, Country Manager, India, of Barracuda Networks, cybersecurity company providing security, networking, and storage products based on network appliances and cloud services. Any opinions expressed in this article are strictly that of the author.
