Lynne Chernow is one of the many high-caliber IT Executives who will be facilitating group discussions at NCS Madison’s Virtual CIO & CISO Strategy Meeting on April 14, 2020 for executives in the New York area.
Lynne is a Senior Technology Executive at Fordham University. She will be leading a thought-provoking group discussion on Cybersecurity Leadership. Here is a preview of what she shared with us in a recent interview for her upcoming session.
“Even organizations with high levels of maturity in security, privacy, and business continuity will have a valuable list of lessons learned on the other side of this disruption”
Why has cybersecurity increased in importance during the Coronavirus pandemic?
Cybercriminals love a crisis. There has been a significant spike in phishing attacks. While we usually see tax-related phish this time of year, cybercriminals are exploiting the Coronavirus pandemic and playing on people’s anxiety. Phishing is more effective when people work from home in that recipient’s patterns are disrupted, they may be unable to reach their organization’s IT Help Desk to verify the email, and there is no prairie-dogging, i.e., learning from a colleague at the water-cooler that this morning’s email was a phish.
Another tactic on the increase is hijacking home routers, changing the DNS settings, and redirecting users to a malicious coronavirus website. The site claims to be from the World Health Organization (WHO), and it has a download button that quickly installs malware.
As governments prepare to disperse funds to help those suffering financially and companies are offering refunds to their customers, organizations have had to examine the robustness of their fraud prevention strategies and identification protocols.
Many organizations have had to cut or furlough high percentages of their employees. In many cases, this happened overnight, and former staffers were asked to mail back their laptops and other devices. Some employees keeping their jobs are taking on multiple roles. Not being able to keep up with deprovisioning accounts and changing account permissions presents a security risk.
How has working remotely impacted the security of organizations?
Working remotely can tempt people to skimp on their cyber hygiene, such as using unsecured Wi-Fi, forwarding sensitive information to their personal accounts, or not shredding sensitive documents.
Remote workers may be using their home computer and personal mobile devices. The operating systems, applications, and security software on these devices may not be up to date. The built-in security features of these devices might have been tampered with or tuned off, removing protections against malware and other attacks.
With the increase in the use of web conference services, we have heard horrible stories of Zoombombing and digital gate-crashing. Novice users are not yet familiar with the settings available to protect web conference calls.
What leadership challenges are CISOs facing during the pandemic? How can a CISO effectively lead their remote security team to protect their organizations’ security?
CISOs, like other team leaders, face the challenges of guiding their communities with best practices, finding effective methods of cross-team collaboration, and sustaining team engagement.
Newly remote workers may be reluctant to come forward with the difficulties they are experiencing. They may employ workarounds to address these issues and inadvertently compromise security or put data privacy at risk.
With in-person meetings on hold, CISOs must coach their teams on ways to collaborate and communicate with their business partners. It’s important to check in with critical third parties to learn how they are scaling for increased loads and maintaining business continuity.
Burn out is a potential problem. Staff have been asked to take on new tasks and not ignore their other duties which protect their organizations, such as reviewing security alerts. With a crisis comes chaos and, at times, an increase in false positives in security alerts. Alert fatigue can stress a security operation.
How can a CISO equip their employees with the best practices necessary to protect their organization’s assets while maintaining productivity?
It is the CISOs job to ensure each employee can reliably and securely access enterprise systems and information assets. CISOs always try to limit business disruption without compromising security and privacy. Yet, bad actors aren’t the only ones who can cause havoc. Employees may unintentionally cause a data leak, system outage, or other security breaches.
CISOs should remind employees of relevant company policies and procedures, including the handling confidential data. Coach them on the appropriate use of file-sharing services and video conferencing services.
Urge employees to consider a broad set of security factors. For example,
- Do your personal devices use up-to-date anti-virus/anti-malware products?
- Do you share your devices?
- Can your child or partner access your company’s Intellectual Property when you’re not around?
- Are your organization’s paper documents protected from fire and theft?
- Do you have a paper shredder?
What lessons have security leaders learned from this unprecedented pandemic regarding enhancing their ongoing risk, compliance, and information security operations?
As I said earlier cybercriminals love a crisis. As security leaders, we should make use of the opportunities that lie in every crisis.
It is a good time to adjust Business Continuity Plans and preparedness, in general. The abrupt move to remote work caused many department heads to reflect on their internal processes and partnerships with third parties. Hit while the iron is hot and contact departments that have not recently updated or completed business impact assessments or continuity plans.
Take a fresh look at items that have served you well and those you’ve meant to update.
- How effective is your Incident Response Plan? Should the team be refreshed?
- Look at your supply chain and reexamine risk with your third-party suppliers.
- Reflect on zero trust concepts, assume that bad actors are already inside, and promote a bare minimum access model to minimize intrusions.
- How will you change your Security Awareness Training? Will you make it mandatory?
- Are any tweaks to your VPN needed to support your remote workforce? Adding exceptions or increasing the timeout setting?
- What is your patching cadence? Is your VPN at 24/7 keeping you from rolling out the latest security updates and patches?
- Is multi-factor authentication used fully?
Even organizations with high levels of maturity in security, privacy and business continuity will have a valuable list of lessons learned on the other side of this disruption.
What is one thing you would like the attendees of your discussion group to leave knowing?
The group’s sharing of the challenges faced by going remote in a hurry and the success stories in meeting those common challenges will be of great value. The measures taken and planned will help us set up our remote workforce to maintain productivity, customer satisfaction and brand reputation. Our coping with the pandemic is a work in progress.
Why have you decided to join us at the 2020 New York CIO and CISO Strategy Meeting?
I am a big fan of NCS Madison events for their content, format and atmosphere. The topics are relevant, the format allows for discussions, not presentations, and the atmosphere is not vendor-centric.
We have limited spots available for the CIO & CISO Strategy Meeting for IT Executives in New York and its surrounding areas. If you are interested in participating in Lynne Chernow’s discussion group or any of the other great discussion groups available register here: https://www.tfaforms.com/4792662 or contact Jason Walter at jwalter@ncsmadison.com for more information.