Intelligent CISO Issue 25 | Page 29

S? ADRIAN TAYLOR, REGIONAL VP OF SALES FOR A10 NETWORKS ince the start of the pandemic, we have seen different attacks, ranging from attackers targeting the World Health Organisation (WHO) to steal information, to mass phishing email and spam campaigns targeting remote workers. We have even seen cases where cybercriminals are launching websites with domain names related to Coronavirus and COVID-19, exploiting people’s curiosity or worry to eventually launch ransomware attacks. When it comes to cybersecurity, just like public health, prevention can be better than the cure. We are providing you with some common guidelines and security best practices that, when followed, can give you a better chance of fighting the people who are trying to capitalise on the chaos of this pandemic. The following measures can help enterprise businesses bolster their cyberdefences during this pandemic: 1. Train your employees on security and work from home best practices to make sure they are aware of the risk they can inadvertently pose to the security of the organisation. If possible, ensure that your employees are only using their corporate devices to access company data. Also, make sure that the devices they use have the latest security patches installed and updates enabled. 2. Tweak your company’s email protection settings to ensure that no phishing or spam emails can make it through to your employees. Train employees in the art of spotting phishing emails, not clicking on suspicious links and alert them to phishing emails that have made it through. 3. Make sure remote users access SaaS applications through the corporate network instead of editor’s question Taking simple, common-sense security measures can help protect us all against the cybercriminals exploiting the chaos. accessing the applications directly via the Internet from home. This would ensure that your security solutions like CASBs have visibility into all traffic accessing your services in the cloud. 4. Make sure you are keeping a close eye on all your network traffic, especially SaaS traffic. Data breaches are a real threat during this crisis and you must ensure that no unauthorised data transfers take place in the guise of ‘normal remote work’. 5. Ensure that all your employees accessing your corporate network are using VPNs to do so. 6. Make sure your analytics solutions can track shadow IT. If you followed the previous steps, then that should help facilitate the tracking of unauthorised application use. 7. Finally, follow the Zero Trust model. This principle is based on ‘trust nobody’ and make sure that no user has access to data that they don’t depend on for their day-today functions. Restrict access as much as possible and ensure that you have visibility into all your users, traffic, data and workloads, and that you have uniform security policies applied across all locations to make sure no security loopholes exist. Just like a simple bar of soap can help protect you against the COVID-19, taking simple, common-sense security measures can help protect us all against the cybercriminals exploiting the chaos. www.intelligentciso.com | Issue 25 29