5 cybersecurity tips for your lockdown exit strategy

Technical Director, Lawrence Munro, explains how businesses can strengthen their cyber resilience by applying learnings from lockdown.

Around the world, lockdowns have presented several risks and challenges for businesses, but many have realised new efficiencies and learnings from operating remotely.

If you’re preparing to return to ‘business as usual,’ it’s vital that you apply these learnings to your everyday operations and business continuity plans. By doing so, you can strengthen your cyber resilience against future threats.

The best way to do this is to create a lockdown ‘exit strategy’ that identifies how these learnings will be implemented across your organisation to boost efficiencies and ensure that any new risks are continually monitored and dealt with.

With that in mind, here are five tips to consider when preparing the cybersecurity element of your exit strategy:

1. Establish your current risk profile

Under the lockdown, many businesses were forced to establish new remote working infrastructures quickly, without necessarily having the time to understand the risks of doing so. For many, this process will have meant creating exceptions to pre-lockdown security policies, leniency when granting access to files and the potential disabling of multi-factor authentication. 

Even the smallest configuration or policy change can increase potential exposure to threats such as credential stuffing attacks, which use email addresses and passwords, stolen from previous data breaches, to access employee accounts and steal sensitive company information.

As such, it’s important to identify any configuration issues that could have emerged under lockdown and consider how to balance your resources between monitoring cyber threats on an ongoing basis and focusing on other business functions as you steer your organisation out of lockdown.

2. Apply pre-lockdown security measures

As we exit lockdown, many businesses will continue to work remotely and continue to use online meeting and communication platforms. To retain cyber resilience across your organisation, you should treat these apps like any other when it comes to cyber security.

Firstly, you should analyse your security posture to understand how the introduction of remote services have altered the potential attack vectors across your organisation. 

You should also check that any new apps have been through a Secure Development Lifecycle and robust threat modelling. Finally, periodically review the applications’ security policies and download their latest security updates as soon as they become available.

3. Optimise your business continuity plan

If the lockdown has exposed flaws in your business continuity plan, take the opportunity to learn from those mistakes and bolster it.

Start by updating your disaster scenarios, which may include natural disasters, supplier failure or terrorist attacks, to include a scenario with a lockdown due to a global pandemic. Then, test your organisation’s ability to cope by practicing remote working on a regular basis. This should include a way of tracking, investigating and remediating malicious activity on your employees’ computers.

To reduce the need to suddenly scale up your cyber security investment in future disaster scenarios, now is also a good time to confirm that basic security principles are being applied across your organisation. Assurance certifications that can be conducted remotely, such as Cyber Essentials, are a good place to start.

4. Invest wisely

As the lockdown lifts, new cyber threats will emerge and some security vendors will capitalise on the resulting fear, uncertainty and doubt to sell their products. There are no silver bullets when it comes to cyber security, so avoid bloating your technology stack and losing visibility of your risk profile with hasty purchases.

Instead, start with a comprehensive cyber security review to validate your security controls and identify the priority areas that could improve your overall resilience. This will maximise your ROI by enabling you to make strategic, evidence-based investments across your infrastructure.

5. Educate your employees

To strengthen your overall security posture, allow learnings from lockdown to filter throughout your organisation. For example, over the last few months we saw an uptick in phishing attacks that disguise ransomware within communications labelled with COVID-19, so share examples of these attacks with your employees.

You should also encourage employees to apply basic cyber security practices and teach them how to use any new cyber security tools that you have introduced under lockdown. Finally, share your learnings with other businesses, so that we can all become more resilient to emerging cyber threats.

By building these tips into your exit strategy, you can achieve a higher level of resilience as you exit lockdown than you had when you went into it.