webinar cyber considerations and practical steps to secure ......threats, and not fully adhere to...
TRANSCRIPT
WEBINARCyber considerations and practical steps to secure your environmentMay 14, 2020
Dimitris KoutsopoulosCEO
Webinar | Cyber considerations and practical steps to secure your environment
Speakers
Christos VidakisCyber LeaderRisk Advisory Partner
Sir Rob WainwrightSenior Partner
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Central Mediterranean. All rights reserved. 3Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 3
What we are seeing Globally…
Between March 13-26,2020 there were over
+400K
incidents of spam emails pertaining to COVID-19
Without IT’s knowledge
+1,000
insecure personal devicesconnected to enterprise networks every day in 30% of the U.S, U.K. and German companies
As of March 21, 2020 more than
60%
of users work remotely
Investments increased by
14%
to enable and secure remote working
Uncertainty to implement organizational and technological measures to protect employees personal data
Cyber workload increased by
25%
to harden and secure systems
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 4
Cyber Considerations
Cyber considerations and practical steps to secure your environment 4
1
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Central Mediterranean. All rights reserved. 5Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 5
Information leveraged in ongoing cyber-attacks
Large numbers of actors are registering and using COVID-19 related web domains to facilitate credential theft, fraud, and malware related attacks
• Spam, phishing and watering hole attacks will feature heavily in malware campaigns associated with COVID-19
• The power of phishing attacks at this time is hugely amplified by COVID-19, all threat actor categories will utilise this vector to maximum effect
• COVID-19 themed lures will continue to be updated by threat actors as new information becomes available from legitimate health sources
Threat report
COVID-19 related information in ongoing cyber-attacks
It is probable the volume of such attacks will also increase.
Malicious Coronavirus Map
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Central Mediterranean. All rights reserved. 6Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 6
Information leveraged in ongoing cyber-attacks
Large numbers of actors are registering and using COVID-19 related web domains to facilitate credential theft, fraud, and malware related attacks
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Central Mediterranean. All rights reserved. 7Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 7
Information leveraged in ongoing cyber-attacks
Large numbers of actors are registering and using COVID-19 related web domains to facilitate credential theft, fraud, and malware related attacks
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Central Mediterranean. All rights reserved. 8Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 8
Information leveraged in ongoing cyber-attacks
Significant risk arises from migration of a large number of employees from a closely monitored, controlled, and secure enterprise environment to an insecure, unmonitored home Wi-Fi network.
• The COVID-19 pandemic will cause some employees to be less alert to cyber threats, and not fully adhere to security best practices, leaving organizations open to more attacks.
• Not all organizations have security policies and guidelines that consider a remote workforce, and their remote employees may not be properly informed on potential cyber risks of teleworking.
• The use of personal or corporate mobile devices without proper Bring Your Own Device (BYOD) security policy and Mobile Device Management (MDM) solutions, may introduce additional risk.
Threat report
Challenges of a remote workforce and the COVID-19 pandemic
This expands the attack surface for opportunistic attackers.An EU call center was unavailable for 4 hours by a DDOS attack resulting to the unavailability of the VPN infrastructure which was used by the call agents who were working from home.
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 9Cyber considerations and practical steps to secure your environment 9
Tactical steps to secure your environment2
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Central Mediterranean. All rights reserved. 10Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 10
A robust planning process should be implemented across your business functions and IT functions. Scenario and risk modelling plays a critical part.
TOMORROW
NEXT WEEK
NEXT MONTH
TODAY
Discern supply chain dependencies and disruptions02
04Engage the workforce on security implications of working from home and secure remote access
Bolster security in high-risk areas03
05Bolster threat detection and response capabilities
06Revisit security monitoring controls
07Assess scalability/longevity of security solutions 08
Re-engineer and automate security operations
09 Update business continuity plans 10
Develop a mature enterprise-wide crisis management capability
Create a running diary (e.g., transcripts) and get a handle on how teams are choosing to collaborate virtually
01
A robust planning process should be implemented across your business functions and IT functions. Scenario and risk modelling plays a critical part.
Tactical steps to secure your environment
05Bolster threat detection and response capabilities
06Revisit security monitoring controls
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Central Mediterranean. All rights reserved. 11Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 11
TodayThe attackers know the situation creates blind spots in defences and offers a longer window of opportunity to achieve their objectives.
Re-evaluate your approach
Harden Harden and test infrastructure to reduce attack surface
DetectMonitor use of the remote working and cloud applications involved, informed by threat intelligence
Respond
EducateEducate and / or remind users on how to protect themselves and the business
If breached, be ready and able to respond and recover remotely in a timely fashion
Areas to address urgently
Tactical steps to secure your environment
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Central Mediterranean. All rights reserved. 12Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 12
Educate
Tactical steps to secure your environment
Create awareness to avoid providing their credentials
Educating users the basic actions needed to prevent infection
Simulate social engineering attacks
Create awareness to avoid clicking on attachments
Educate users how the threat will attack with a specific focus on social engineering attacks
Communicate remote work cyber security policies and best practices
Assist remote employees with basic home network hygiene
Make users aware that they should not let fear and emotion trick them. Today
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Central Mediterranean. All rights reserved. 13Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 13
Disable the ability to integrate with third-parties and social networks
Install latest platform versions
Monitor the release of new security features
Integration with CASB solution to monitor for
data exfiltration
Enforce auto-generated password use for meeting
access
Ensure that all remote access requires MFA
Block access based on geo location and date/time periods
Guide users to harden their home network
Perform penetration tests to identify potential vulnerabilities
Enforce cooperate controls to BOYD
Remote WorkingCollaboration Technology
Tactical steps to secure your environment
Harden
Today
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Central Mediterranean. All rights reserved. 14Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 14
Test your Resilience
• Test your resilience through cyber simulations
• Hunt for known attacks
Tactical steps to secure your environment
Tomorrow
Be ready to respond
• Adjust incident response processes to new working practices, such as remote working
• Explore automation to alleviate manual effort and reduce time to respond
Detect
Gather Cyber Threat Intelligence
• Use intelligence to move at the speed of the threat
• Focus on known tactics, such as phishing and C-suite fraud
Optimize detection
• Secure and monitor your email technologies, cloud, shadow IT, BOYD environments and remote working applications
• Analyse behavior patterns to improve detection content
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Central Mediterranean. All rights reserved. 15Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 15
Tactical steps to secure your environment
If the worst happens and an attack is successful, follow a staged approach to recovering critical business operations
Identify and priorities recovery of key business processes to deliver operations
Protect key systems through isolation
Revise incident response playbooks
Implement appropriate protection measures to improve overall system posture
Fully understand and contain the incident
Eradicate any malware
01
02
03
04
05
06
Respond
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Business Solutions S.A. All rights reserved. 16Cyber considerations and practical steps to secure your environment 16
QA3
Cyber considerations and practical steps to secure your environment© 2020 Deloitte Central Mediterranean. All rights reserved. 17
This presentation has been prepared for the purposes of the webinar “Cyber considerations and practical steps to secure your environmentl” and/or general information purposes. It is the intellectual property of “Deloitte Business Solutions Societe Anonyme of Business Consultants” (“Deloitte Business Solutions S.A.”), and/or its authors, who have the absolute right to exploit, distribute or reproduce it fully or partially, electronically or otherwise. It may be reproduced and copied for personal use only. Deloitte Business Solutions S.A. shall not be responsible for any decisions taken by any participants to the webinar or any third party in reliance on the information contained in the presentation.
No representation or warranty, express or implied, is given and no responsibility or liability is or will be accepted by or on behalf of Deloitte Business Solutions S.A. or by any of their partners, members, employees, agents or any other person as to the accuracy, completeness or correctness of the information contained in this document.
Deloitte Business Solutions Societe Anonyme of Business Consultants, a Greek company, registered in Greece with registered number 000665201000 and its registered office at Athens, 3a Fragkokklisias & Granikou str., 151 25, is an affiliate of Deloitte Central Mediterranean S.r.l., a company limited by guarantee registered in Italy with registered number 09599600963 and its registered office at Via Tortona no. 25, 20144, Milan, Italy.
Deloitte Central Mediterranean S.r.l. is the affiliate for the territories of Italy, Greece and Malta of Deloitte NSE LLP, a UK limited liability partnership and member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”). DTTL and each of its member firms are legally separate and independent entities. DTTL, Deloitte NSE LLP and Deloitte Central Mediterranean S.r.l. do not provide services to clients. Please see www.deloitte.com/about to learn more about our global network of member firms.
© 2020 Deloitte Business Solutions S.A. All rights reserved.