October is National Cybersecurity Awareness Month, and as people are the weakest link in the cybersecurity chain, it's only fitting that this year's theme is "Do your part: Be CyberSmart."
National Cybersecurity Awareness Month, or NCSAM for short, was created in 2004 by the U.S. Department of Homeland Security and the National Cyber Security Alliance. There are themes and events throughout the month, but the main message couldn't be more timely.
With a record number of employees working from home in the wake of the COVID-19 pandemic, enterprise security has never been more tenuous. Not surprisingly, Gartner recently made securing remote workers its top recommended security project for 2020-2021.
Endpoint detection and response (EDR), zero trust, CASB and enterprise mobility management are some approaches to improving remote workforce security. Of those, zero trust might be the most intriguing, a relatively new approach that lets users access only the applications and data they need. That greatly cuts down on attack surface and opportunities for lateral movement within a network, as you'd see in an advanced persistent threat.
Employees will still click on malicious links if you don't continuously remind them, so some manner of endpoint protection is critical - as is employee cybersecurity training. That training can't be a once a year thing, and there are a number of cybersecurity training tools to help.
Top security threats: email, ransomware
Bitdefender recently came out with a 75-page report on the top threats the endpoint security vendor is seeing. One not surprising finding is that malicious emails have soared in the wake of the pandemic - some 60% of all emails in May and June were fraudulent or contained malware, and many of the malicious ones were COVID-themed. End users are more vulnerable than ever, and security teams need to respond to those mounting threats.
A more troubling development is that the best defense against ransomware - backup - is now under attack. Ransomware attacks increased by 700% in the first half of 2020, Bitdefender said, as malicious actors used the work from home trend to exploit new vulnerabilities.
Ransomware attackers now try to encrypt or delete backups via compromised accounts and other means to make their attacks even more effective, according to Insight Enterprises. That makes data backup not only smart for data protection, but also for security too. It's not possible to be too paranoid about your data. One long-time industry rule is 3-2-1: three copies of your data, two media types, and one offsite copy. Some recommend multiple offsite copies, geographically separate and not connected.
Security of course is critical to keeping those backup copies safe too. A comprehensive security posture is an elusive thing. It may seem as simple as endpoints, firewalls, access and some manner of central control like a SIEM, but threats and security products evolve all the time. It's an ongoing arms race.