In this COVID-19 era cyber-attacks increasingly looking to exploit vulnerabilities in security infrastructure of companies, financial institutions, national infrastructures and governmental bodies.
New challenges call decision makers and cybersecurity leaders to revisit their security measures and risk management practices, there’s a need to focus more on implementing new technologies and processes to fortify their systems architecture to the current and coming challenges.
Cybersecurity call for action in face of current threats:
1. Implement new technology and tools - Companies should use advanced up to date tools.
2. Intelligence techniques – Companies and government institutions should develop proactive use of cyber threat intelligence to preempt attacks by identifying relevant indicators of attacks and address real time live attacks.
3. Risk management – defenders should apply governance, risk and compliance solutions for improved risk management. Such solutions provide a detailed mapping of an organisation's potential risk exposure and enable it to coordinate the different elements of risk and contingency planning (e.g. cybersecurity measures and policies, operational risks, business and operational continuity, cyber insurance, clients’/users’ data privacy, legal risk exposure, etc.).
4. Prepare for attacks - these are high-risk times and companies and institutions must carry out frequent cyber crisis simulation exercises to prepare their response to a cyberattack. Companies must realize it is not a question “if” it is going to happen, it is “when” is it going to happen.
5. Zero Trust – defenders are strongly advised to implement a Zero-Trust cybersecurity approach. In this approach only authenticated and authorized users and devices are permitted access to data and applications. This approach replaces the outdated concept by which access is granted by default.