Today we are pleased to welcome guest blogger Tony Bradley, Senior Manager of Content Marketing for Alert Logic, INAP’s trusted managed security partner and expert in cloud security for financial services customers.
– Wendy Williams, Product Manager, INAP
Thanks to the COVID-19 pandemic, we are living in a different world now than the one we had at the beginning of 2020. Everything has changed in terms of how businesses communicate and operate, but some things haven’t changed. In spite of the dramatic shift in the world in general, it is still business as usual for cyber attacks and cybersecurity.
Companies of all sizes and across all industries have been forced to find ways to remain productive and keep the business going while suddenly working with an entirely remote workforce.
What does that mean from a cybersecurity perspective? It means that users who were previously sitting in an office using company-issued computers connected to a company-managed network are now getting their work done on a random collection of personal and business devices connected to the public internet over their home Wi-Fi networks. The complexity of the environment has skyrocketed, and the exposed attack surface has expanded exponentially.
As challenging as things have been this year for businesses and individuals, the reality is that cyber attackers don’t care about the COVID-19 pandemic, or whether you’re quarantined or not. On the contrary, the chaos and confusion of the sudden shift to working remote and the expansion of the attack surface represent a major opportunity for attackers to exploit.
Most users are more exposed on their home networks and lack the filters and security controls that exist on a corporate network. The unprecedented situation we are facing has changed standard processes and methods of communication, making it more difficult to determine what is legitimate and what seems suspicious. Employees are also anxious for information and more likely to click on links or open attachments they shouldn’t. As a result, attackers have ramped up phishing, ransomware and business email compromising attacks.
It is more important than ever for organizations to have visibility of all endpoints and all activity. That means increasing visibility to encompass the dramatically expanded attack surface, including personal endpoints connected to remote networks. Increased focus on suspicious activity on cloud platforms and cloud-based SaaS (software-as-a-service) applications is also necessary.
It’s also critical to understand that attackers don’t have business hours. Not only is it always the middle of the day somewhere on the planet, but many attacks—at least the initial exploit that gets attackers through the door—are automated and run around the clock. Organizations need to be vigilant, and that means having security experts monitoring endpoints and activity 24/7 to identify and respond to suspicious or malicious activity.
Businesses have enough to worry about, and very few have the tools or people necessary for effective cybersecurity. This is especially true given the COVID-19 pandemic and expanded attack surface of users connecting from personal devices and home networks. The best strategy is to stay focused on the core strengths of the company and satisfying customers, while engaging with a trusted partner to provide the cybersecurity visibility and vigilance you need.
Working with a managed detection and response (MDR) provider enables an organization to get the protection and peace of mind they need. INAP and Alert Logic have a strong partnership and provide deep, focused cybersecurity expertise to keep your networks and data safe and give you confidence in your cybersecurity even during these unprecedented times.
About the Author
Tony Bradley is Senior Manager of Content Marketing for Alert Logic. Tony worked in the trenches as a network administrator and security consultant before shifting to the marketing and writing side of things. He is an 11-time Microsoft MVP in security and cloud and has been a CISSP-ISSAP since 2002. Tony has authored or co-authored a dozen books on IT and IT security topics, and is a prolific contributor to online media sites such as Forbes and DevOps.com.