The pandemic summoned a state of uncertainty about all we know, from street interactions to work attire. No one was happy to see the chaos – well, except cyberattackers, who seized on the lack of visibility to crawl into personal and business information.
Feasting on disorder, hackers sprayed COVID-19- themed phishing attempts. You know the ones, falsely promising “vaccine appointments’’ or fearmongering from a fake World Health Organization.
Cybercriminals’ goal is to turn panic into profit. Agencies’ and individuals’ responsibility is to stop them.
“If you’re not staying vigilant and staying in front of the threat in terms of training, then you’re behind the eight ball already,” said Bryan Jenkins, Director of Sales for Carahsoft. “You have to always be looking for what the next threats are, making sure your employees are up to date.”
Carahsoft, a prominent technology distributor, enrolled its employees in a new serial cybersecurity training during the pandemic. It catered toward telework security events, with the focus of continued improvement.
Though agencies are at different levels of cybersecurity, step No. 1 is educating and informing. Then, it falls on technology.
Step 1: Educate
Many agencies have been sticking with the same cybersecurity training since they sent employees home. But much of that training no longer applies. Water cooler chats are so 2019.
Cybersecurity training should be centered on modern events – situations employees connect with, like spear phishing or suspicious links. As employees beef up their knowledge, agencies progress to a secure, long-term remote and hybrid environment.
Step 2: Secure
Much of security is focused on preserving operations, though that’s not always what hackers want to topple.
If intruders can make off with agency secrets or sensitive information for the black market, their payday is complete. Where they often exploit this information is backups, which can be forgotten in agencies’ rush to lock up everything else. Given these contain years of sensitive information, backups are a prized pinch for attackers.
“That’s probably the biggest piece of the pie attackers are going after,” Jenkins said.
In a backup and recovery solution, agencies should look for encryption capabilities. They have to be able to restore that information from a secure place off premises.
Step 3: See
One reason why many agencies leave sensitive data exposed is they don’t know where it is. In some cases, hackers will stumble upon it before IT does.
With the amount of novel data only growing, few agencies have the resources to take stock of all their archives and backups. So what should they prioritize?
One answer comes via Carahsoft’s partnership with Veritas, a data specialist. The tool combs through documents to identify sensitive information, like passwords or personally identifiable information. It can also find “orphaned” files without an owner.
This sort of visibility and understanding is a crucial pillar of a backup and recovery strategy geared toward the ransomware era.
“In a ransomware-type scenario, you want to obviously protect the most sensitive information the most, because that’s what the bad guys are going after,” Jenkins said.
This article is an excerpt from GovLoop’s recent guide, “Your Cybersecurity Handbook: Tips and Tricks to Stay Safe.” Download the full guide here.