Monitor, communicate, plan
The COVID-19 outbreak has fundamentally impacted the security landscape. Leaders must focus on securing their workforce, at a time when available resources are more limited, attack surfaces have grown as a result of remote working practices, and threat actor activity has increased, as actors diversify to take advantage of the pandemic.
Right now, security leaders must ensure they act proactively to protect against emerging threats, as well as having plans in-place to react should the worst happen. While doing so amid so much change and uncertainty can appear like a complex exercise, by concentrating on a few, fundamental principles, business leaders and their security teams will be well placed to face the challenges ahead.
Monitor the threats
Examples of threat actors using the current global crisis to their advantage are plentiful. We are seeing social engineering attempts include a coronavirus-themed malicious app locking Android phones, impersonations of health organizations such as the World Health Organization in phishing emails, and an illegitimate copy of the John Hopkin’s University COVID-19 mapping website that downloads malware to visitors’ devices.
The most effective action security leaders can take at this time is proactively communicating with employees, to remind them of necessary caution and inform them of emerging threat trends. To do so, security teams will need to monitor evolving threats related to COVID-19, ensure mechanisms to communicate securely with employees are in place, and monitor systems access in order to prevent employees from accessing any malicious links or files.