As employees made the shift from working in a centralized location to working from pretty much anywhere, IT teams scrambled to provide devices and connectivity options as a stop-gap to keep businesses running. At the same time, security processes – and sometimes, lack thereof – were rolled out in full force as IT security teams fought to keep people, data and processes safe during the transition.
Companies were forced to quickly confront questions like:
- How do we manage the use of personal equipment vs. company owned devices? Would devices at home be shared with non-employees? Would they be configured and updated in a safe way?
- How would paper-based data be handled? What policies and procedures were in place for its usage, storage and destruction?
- Did they have enough communication channels, such as VPNs?
- How has the responsibility for compliance with data regulations, such as GDPR, shifted from the organization to the employee?
- And even, would the IT security team still be able to fulfill their own processes from home?
We have an increase. There is a risk, and companies need to prepare.
As companies sought to answer these questions, hackers and cybercriminals sought to take advantage of the current situation. The following recorded webinar highlights statistics from a recent OTRS Group survey in which IT professionals were asked about how the pandemic situation has impacted incidents in their businesses. The webinar continues on to address what companies should be doing in response to the increase in incidents as well as answers many audience-asked questions on the topic.
Raising Awareness About IT Security with Employees
Chief among the recommendations made in the webinar was to consistently work on raising awareness about IT security risks with employees. Of course, speaking one-on-one with people can help them to better understand security-related topics, but specific suggestions made also included:
- Using online training annually to better inform and educate people.
- Using external security trainers to supplement in-house training to help add authority to the conversation.
- Performing phishing tests to better understand how employees will respond.
- Encouraging compliance with friendly “games”: If you walk away from your laptop without locking it, you must bring cookies for the entire office.
- Articulating the actual costs and negative results that the company could face if an incident occurred.
Of course, there are specific security measures that should be taken by companies too in order to protect their technology investments and data.
What Else Can Companies Do to Help Avoid Risk?
Of course, there are specific security measures that should be taken by companies too in order to protect their technology investments and data. Among these are:
- Reaffirming the use of a VPN if needed.
- Ensuring that internal systems and software are up-to-date.
- Establishing rules about the use of personal devices, such as ensuring they have anti-virus software, up-to-date operating systems and browsers, etc.
- Understanding the security of cloud solution providers, including their encryption methods; backup procedures; data center locations and physical security; compliance with GDPR and the like.
- Insisting on the use of secured WiFi networks.
What Does the Increased Risk Mean for Companies?
Of course, the first thing that this increase in incidents means is that IT security teams are faced with increasingly more work. They simply have more to deal with – whether that’s an actual threat or simply trying to figure out the next way to keep people, data and processes safe.
Beyond that, however, an interesting thing about the referenced study is that there was a wide range in the number of incidents reported and how they have changed. Some companies experienced ten per month; other companies saw upwards of 300. In some cases, the lower numbers were attributed to having clearly defined security processes in place and well-trained employees. In other cases though, it marks a difference in how teams define, categorize and prioritize events.
STORM offers IT security teams relief. STORM is SOARC software that helps companies organize and respond to incidents quickly and through the use of automated pre-defined processes. Workloads are more easily balanced. Notifications happen automatically. Communication is made simpler. Categorization and prioritization become faster. All in all, the entirety of incident orchestration, automation and response are streamlined and made easier with STORM.
Of course, incident response is just one way in which IT security teams support ever-changing businesses today. Other topics addressed during the question/answer period of the webinar included:
- GDPR responsibilities for companies worldwide.
- Government agency usage of cloud solutions and, in general, what to consider when working with a cloud solution provider.
- How “bring your own device” and “shared offices” impact IT security.
- Consulting services, use cases and integrations as they pertain to the STORM SOAR solution.
- Attack examples and the importance of https.
- Safe use of credit cards and online shopping.
Whether you’re simply trying to raise your own awareness about IT security or aim to spread the importance of this topic company-wide, you’ll find this to be an excellent presentation by Jens Bothe, Director Global Consulting the product owner of STORM and Security Evangelist. And, if you’re interested in exploring the use of STORM with your IT security team, learn more at otrs.com/storm/.