10 COVID-19-related lessons for future-ready cybersecurity

In 2020, we experienced wave after wave of COVID-19 surges and watched failure after failure at practicing what we knew were effective preventative measures. Similarly, in December 2020, the Russia-backed SolarWinds malware attack resulted in the compromise of as many as 18,000 systems and countless confidential records.

It is possible that, in both cases, some of the fallout was due to fatigue or complacency. Regardless, we can and must do better. The good news is we can mitigate the risks of cyberattacks by following a few critical lessons COVID-19 has (or should have) taught us.

We have learned about infectious diseases and cyber-attacks the hard way, and each of us today needs to think like an epidemiologist.

The road to future-ready cybersecurity

Let’s explore 10 lessons from fighting COVID-19 that, if applied with vigilance, could improve cybersecurity across the workforce:

• Stop assuming everything is safe: For far too long, we have accepted weaknesses in the software supply chain. We must be more diligent about putting pressure on the entities in the supply chain to offer proof of deep security scrutiny.
• Be careful with what you share: Watch for phishers seeking access to credentials or confidential information. Protect intellectual property and data from deep-fake intruders.
• Don’t become a super-spreader: Don’t open email attachments from strangers. Never forward anything you don’t trust or can’t completely verify. Ensure privacy settings are up-to-date and active.
• Social distance: Segment networks and databases. Don’t follow the crowd and use third-party code without security testing. Create distance in the software supply chain.
• Wear a mask: Invaders will exploit even the smallest openings and vulnerabilities. Cover exposures with strong firewalls and current threat detection programs. Stop harmful SQL injections. Web forms are a favorite entry point for intruders to insert SQL commands. Undetected, invaders can access databases and make malicious changes.
• Set a good example: Establish a security champions program. Champions promote security literacy, quantify risks, and model good practices. A program ensures a steady flow of motivated security advocates.
• Sanitize everything: Encode and encrypt all sensitive data and confidential information. Integrate security across the software development life cycle.
• Wash frequently and completely: Keep up with security patches and new software releases. Fixes are often the consequence of vulnerabilities discovered during attacks, meaning that the difficult detection work has already been done for you.
• Vaccinate until herd immunity is achieved: Everyone needs to increase security literacy and stick with training. Security awareness, like antibodies, may not last long. Welcome security as part of the development life cycle. Start shifting more security ownership left to Dev and right to DevOps.
• Expect more severe variants and mutations: Invest in digital transformation and technology modernization. Model threats and responses.

We must also build immunity by detecting intrusions and assessing vulnerabilities. Lock doors and close windows of opportunity for invaders by breaking bad habits. The demand for security literacy compels future-ready organizations to develop skills in all job roles and levels.

The good news is that, according to a recent Skillsoft report, security training has increased during COVID-19. User hours spent accessing training courses on security rose by 6.3 percent at the start of the pandemic (February – April 2020) while security courses in North America grew by 77 percent from September to October.

Translate past lessons learned into future actions by enabling your teams with the below in-demand IT security skills:

• Security integration (DevSecOps)
• Hands-on practice detecting threats by industry and job role (Cyber Range)
• Cloud service provider security policies and practices
• Tools, methodologies, and practices to support site reliability engineering (SRE)

Cybersecurity is a function of people, policy, and technology. Damaging attacks are the outcome of failing to recognize their intersectionality. 80 percent of intrusions are known tactics and common behaviors of adversary groups. Start where you are, build on proven mitigations, and pick fights you can win.