VS ONE started this year with a webinar on cybersecurity in a work-from-home setting. It covered potential cybersecurity risks as well as approaches to mitigating them.
Below we highlight some of the key points discussed in this forum.
Several Key Trends:
1. Attacks targeting remote workers are on the rise – 47% of ransomware attacks were from RDP compromise
2. Zero-day exploits are growing
3. Ransomware and state-sponsored cybercrime are becoming a new trend
4. Attacks exploiting the IT supply chain are on the rise
5. Growing insider threats
As healthcare experts stated that Covid-19 was not going to go away, IT professionals needed to take many measures for remote working, such as remote desktops, VPNs and other measures that would stay for the longer run.
We also discussed possible controls to minimize the cybersecurity threats arising from work-from-home solutions.
1. Continued visibility into, and vulnerability assessment of, key equipment – including gateways, VPNs and RDS infrastructure.
2. Deploying multi-factor authentication and Privileged Access Management
3. Evaluating and auditing cybersecurity programs and core suppliers – this is an expensive lesson learned by most organizations that were attacked through third-party applications deployed on their systems
4. Focusing on endpoint security – patches, zero-day attack prevention
5. User education – Using phishing simulations and educating users
VS ONE has also developed some reference architectures to address some of these issues. Some details of these solutions are given below.
– Using deep learning to understand zero-day attacks – As programs such as Windows Defender provide extensive signature-based security, we recommend running a next-generation endpoint solution that can use AI technologies such as deep learning to mitigate these advanced risks.
– Extensive focus on endpoint management – Continuous, near-real-time monitoring of endpoints, with regular vulnerability scanning and periodic patch updates. This approach would help IT administrators identify anomalies in the system and remediate them, which would also be essential as users are working from their homes.