
WEBINAR Cyber considerations and practical steps to secure your environment

Date post: 23-May-2020
WEBINAR Cyber considerations and practical steps to secure your environment May 14, 2020
Transcript
Page 1

WEBINAR
Cyber considerations and practical steps to secure your environment
May 14, 2020

Page 2

Webinar | Cyber considerations and practical steps to secure your environment

Speakers

• Dimitris Koutsopoulos, CEO
• Christos Vidakis, Cyber Leader, Risk Advisory Partner
• Sir Rob Wainwright, Senior Partner

Page 3

Cyber considerations and practical steps to secure your environment. © 2020 Deloitte Central Mediterranean. All rights reserved. © 2020 Deloitte Business Solutions S.A. All rights reserved.

What we are seeing globally…

• Between March 13-26, 2020 there were over +400K incidents of spam emails pertaining to COVID-19
• Without IT’s knowledge, +1,000 insecure personal devices connected to enterprise networks every day in 30% of the U.S., U.K. and German companies
• As of March 21, 2020 more than 60% of users work remotely
• Investments increased by 14% to enable and secure remote working
• Uncertainty about implementing organizational and technological measures to protect employees’ personal data
• Cyber workload increased by 25% to harden and secure systems

Page 4

1. Cyber Considerations

Page 5

Information leveraged in ongoing cyber-attacks

Large numbers of actors are registering and using COVID-19-related web domains to facilitate credential theft, fraud, and malware-related attacks

• Spam, phishing and watering hole attacks will feature heavily in malware campaigns associated with COVID-19

• The power of phishing attacks at this time is hugely amplified by COVID-19; all threat actor categories will utilise this vector to maximum effect

• COVID-19 themed lures will continue to be updated by threat actors as new information becomes available from legitimate health sources

Threat report

COVID-19 related information in ongoing cyber-attacks

It is probable the volume of such attacks will also increase.

Malicious Coronavirus Map

Page 8

Information leveraged in ongoing cyber-attacks

Significant risk arises from migration of a large number of employees from a closely monitored, controlled, and secure enterprise environment to an insecure, unmonitored home Wi-Fi network.

• The COVID-19 pandemic will cause some employees to be less alert to cyber threats, and not fully adhere to security best practices, leaving organizations open to more attacks.

• Not all organizations have security policies and guidelines that consider a remote workforce, and their remote employees may not be properly informed on potential cyber risks of teleworking.

• The use of personal or corporate mobile devices without a proper Bring Your Own Device (BYOD) security policy and Mobile Device Management (MDM) solutions may introduce additional risk.

Threat report

Challenges of a remote workforce and the COVID-19 pandemic

This expands the attack surface for opportunistic attackers.

An EU call center was unavailable for 4 hours due to a DDoS attack, which made the VPN infrastructure used by call agents working from home unavailable.

Page 9

2. Tactical steps to secure your environment

Page 10

Tactical steps to secure your environment

A robust planning process should be implemented across your business functions and IT functions. Scenario and risk modelling plays a critical part.

Timeline: TODAY, TOMORROW, NEXT WEEK, NEXT MONTH

01 Create a running diary (e.g., transcripts) and get a handle on how teams are choosing to collaborate virtually
02 Discern supply chain dependencies and disruptions
03 Bolster security in high-risk areas
04 Engage the workforce on security implications of working from home and secure remote access
05 Bolster threat detection and response capabilities
06 Revisit security monitoring controls
07 Assess scalability/longevity of security solutions
08 Re-engineer and automate security operations
09 Update business continuity plans
10 Develop a mature enterprise-wide crisis management capability

Page 11

Tactical steps to secure your environment

Today

Re-evaluate your approach

The attackers know the situation creates blind spots in defences and offers a longer window of opportunity to achieve their objectives.

Areas to address urgently

• Harden: Harden and test infrastructure to reduce attack surface
• Detect: Monitor use of the remote working and cloud applications involved, informed by threat intelligence
• Respond: If breached, be ready and able to respond and recover remotely in a timely fashion
• Educate: Educate and / or remind users on how to protect themselves and the business

Page 12

Tactical steps to secure your environment

Educate

Today

• Create awareness among users to avoid providing their credentials
• Educate users on the basic actions needed to prevent infection
• Simulate social engineering attacks
• Create awareness to avoid clicking on attachments
• Educate users on how the threat will attack, with a specific focus on social engineering attacks
• Communicate remote work cyber security policies and best practices
• Assist remote employees with basic home network hygiene
• Make users aware that they should not let fear and emotion trick them

Page 13

Tactical steps to secure your environment

Harden

Today

Collaboration Technology

• Disable the ability to integrate with third-parties and social networks
• Install latest platform versions
• Monitor the release of new security features
• Integrate with a CASB solution to monitor for data exfiltration
• Enforce auto-generated password use for meeting access

Remote Working

• Ensure that all remote access requires MFA
• Block access based on geo location and date/time periods
• Guide users to harden their home network
• Perform penetration tests to identify potential vulnerabilities
• Enforce corporate controls on BYOD

Page 14

Tactical steps to secure your environment

Detect

Tomorrow

Test your Resilience

• Test your resilience through cyber simulations

• Hunt for known attacks

Be ready to respond

• Adjust incident response processes to new working practices, such as remote working

• Explore automation to alleviate manual effort and reduce time to respond

Gather Cyber Threat Intelligence

• Use intelligence to move at the speed of the threat

• Focus on known tactics, such as phishing and C-suite fraud

Optimize detection

• Secure and monitor your email technologies, cloud, shadow IT, BYOD environments and remote working applications

• Analyse behavior patterns to improve detection content

Page 15

Tactical steps to secure your environment

Respond

If the worst happens and an attack is successful, follow a staged approach to recovering critical business operations

• Identify and prioritise recovery of key business processes to deliver operations
• Protect key systems through isolation
• Revise incident response playbooks
• Implement appropriate protection measures to improve overall system posture
• Fully understand and contain the incident
• Eradicate any malware

Page 16

3. Q&A

Page 17

This presentation has been prepared for the purposes of the webinar “Cyber considerations and practical steps to secure your environment” and/or general information purposes. It is the intellectual property of “Deloitte Business Solutions Societe Anonyme of Business Consultants” (“Deloitte Business Solutions S.A.”), and/or its authors, who have the absolute right to exploit, distribute or reproduce it fully or partially, electronically or otherwise. It may be reproduced and copied for personal use only. Deloitte Business Solutions S.A. shall not be responsible for any decisions taken by any participants to the webinar or any third party in reliance on the information contained in the presentation.

No representation or warranty, express or implied, is given and no responsibility or liability is or will be accepted by or on behalf of Deloitte Business Solutions S.A. or by any of their partners, members, employees, agents or any other person as to the accuracy, completeness or correctness of the information contained in this document.

Deloitte Business Solutions Societe Anonyme of Business Consultants, a Greek company, registered in Greece with registered number 000665201000 and its registered office at Athens, 3a Fragkokklisias & Granikou str., 151 25, is an affiliate of Deloitte Central Mediterranean S.r.l., a company limited by guarantee registered in Italy with registered number 09599600963 and its registered office at Via Tortona no. 25, 20144, Milan, Italy.

Deloitte Central Mediterranean S.r.l. is the affiliate for the territories of Italy, Greece and Malta of Deloitte NSE LLP, a UK limited liability partnership and member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”). DTTL and each of its member firms are legally separate and independent entities. DTTL, Deloitte NSE LLP and Deloitte Central Mediterranean S.r.l. do not provide services to clients. Please see www.deloitte.com/about to learn more about our global network of member firms.

© 2020 Deloitte Business Solutions S.A. All rights reserved.

