The current pandemic landscape has enormously shifted our worlds and caused turmoil across a myriad of industry sectors. Unfortunately, some individuals have thrived during these moments of confusion and disruption, with cyber threats reaching all-time highs.
On November 5-6, 2020, the New Jersey Digital Government Summit virtually addressed the current threat scene and shared ways to fight back so technology systems remain secure and organizations stay at the top of their game. Edge’s Chief Information Security Officer and Associate Vice President for Security Solutions Development, Jeremy Livingston, participated in “The Shifting Cyber Landscape” Breakout Panel.
“The COVID-19 pandemic has had a disruptive effect in how Information Technology (IT) departments run at many organizations,” Livingston said. “IT had to quickly transition to a remote workforce, with a much heavier reliance on cloud-based systems. The very rapid shift left little room for security review, risk analysis, and a careful, measured approach that typically would’ve been done whenever big changes take place within an organization’s IT system.” With less opportunity for oversight and review, additional security risks have occurred, and the number of attacks has massively increased. “During COVID, I’ve seen estimates of attacks increasing in a range of 3,000 percent in organizations,” Livingston shared. “The adversaries are cashing in on the rapid changes and the new vulnerabilities.” He cautioned, “Preparation, as always, will be the key to warding off nefarious activity in the months ahead.”
Protective Measures to Counter Vulnerabilities
Another source of susceptibility to an organization’s technology system is the larger remote workforces that have rapidly emerged in the COVID era. Livingston explained that a disproportionate number of remote workers were, understandably, not well versed on the security risks within their home workplace systems. “This lack of awareness left room for confusion and the possibility for these attacks to succeed,” he added. In normal times, institutions, organizations, and businesses have relied on firewalls, intrusion prevention, and intrusion detection systems, all designed to protect the network. In home workplace environments, these protections were often lacking, especially when the workstation was directly connected to the Internet.
To counter these weaknesses, an organization needed to put in place robust, next generation endpoint protection solutions and systems designed to detect and respond to threats on remote endpoints. Another accepted solution was the incorporation of DNS cleansing solutions, where an agent is placed on each remote workstation. This protective protocol has been found to block malicious links, downloads, and other harmful URLs for the individual or organization. As an added measure, Livingston said it’s also important for employees to report any concerns to their IT departments, “If you’re unsure about anything or something you’re looking at, the best course of action is to always ask first and get some assurance from the IT folks to make sure the file is a legitimate email or document.” He continued, “90 percent of all attacks come in through the user vector, so if a user clicks on something they shouldn’t and opens a file with a malicious attachment, they’ve been tricked into falling for a scam. The first line of defense is our users, and the best way they can help is by being knowledgeable and staying abreast on the latest threats in the cyber world.”
As organizations have broadly implemented security protective measures, zero trust architecture, two-factor authentication (2FA), and multi-factor authentication (MFA) have become the most notable. With zero trust architecture, sensitive data is no longer stored on workstations. Rather, information is placed in protected cloud-based systems. Robust authentication and access protocol policies have been put in place, so organizations granularly grant access to data for only specific individuals. 2FA, which is considered a strong preventive measure for account compromise, has also proven beneficial. Livingston shared, “We had one Edge member who added two-factor authentication for all of their users and as a result has seen zero account compromises, where previously they were dealing with three or four per day. Out of 20,000 users, this is a drastic reduction in the effort to contain and deal with these types of attacks.” MFA has taken security a bit further, with three possible ways for a user to verify their identity: Knowledge (the user provides information only he knows, like a password or answers to challenge questions), Possession (the user supplies an item he has, like a YubiKey or a one-time password), or Inherence (the user relies on a characteristic unique to who he is, such as a fingerprint, retina scan, or voice recognition). Alternatively, adaptive MFA allows a user to login one time and then the request doesn’t appear for another month, as long as devices or IP addresses aren’t changed. The process has also reduced a company’s password policy restrictions. “If the account can no longer be compromised just based on the password alone, there is no need to change a password every 60-90 days,” Livingston explained. “You actually make life easier for your users by moving to MFA.”
Additionally the panelists discussed the resurgence of Distributed Denial of Service (DDoS) attacks as a threat to organizations; especially schools and municipalitites who have been hit recently in New Jersey. The NJCCIC recently put out some great guidance for organizations looking to implement DDoS protections, and the Edge network has robust DDoS prevention and mitigation mechanisms built-in which can save members both money and time when attacked.
“During COVID, I’ve seen estimates of attacks increasing in a range of 3,000 percent in organizations. The adversaries are cashing in
on the rapid changes and the new vulnerabilities. Preparation,
as always, will be the key to warding off nefarious activity in the
months ahead.”
– Jeremy Livingston
“The Shifting Cyber Landscape” Breakout Panel
At the New Jersey Digital Government Summit, Livingston was joined on “The Shifting Cyber Landscape” Breakout Panel by security experts in both the corporate and government sectors, including Michael Geraghty, Chief Information Security Office from the Office of Homeland Security in the State of New Jersey, and Jim Meehan, Senior Manager Global Investigations from Verizon. The moderator of the panel was Executive Vice President and Publisher of the Government Technology magazine, Alan Cox.
Geraghty spoke at EdgeCon 2019, giving Livingston the opportunity to connect and develop a working relationship prior to the Summit. “He’s an incredible advocate for security in the State of New Jersey,” he added. Livingston also has continued to subscribe to alerts from the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC), which Geraghty heads and the group provides high importance threat intelligence. Rounding out the panel was Meehan, who has a very strong understanding of security measures in an organization due to his extensive experience with Verizon’s ongoing ability to navigate the cybersecurity landscape.
After the conference, Livingston strongly suggested that Edge’s member organizations stay abreast of the threat landscape, especially with everything constantly changing. “Both Geraghty and Meehan have tremendous resources available to help users stay informed on the latest security threats,” he added.
Edge’s Security Resources Provide Leadership
A member-based, non-profit organization, Edge has been actively mitigating the risk of cyber incidents within the current landscape, aiding Edge membership with security resources, programs, and support staff. Through their consortium pricing, Edge has always maintained a fundamental approach for including security in all the services and offerings provided, including performing ongoing security reviews, Security Health Checks, and assessments of vendors. Livingston said Edge provides a host of security-based services like vulnerability scans to security assessment and reviews to member collaboration. “We want to fulfill a wide variety of needs within our membership,” he said. “Because we are non-profit and member-based, Edge has the ability to provide affordable resources; differentiating from another party just looking to make a sale.”
For many people, 2020 has been a whole new ballgame in life. But when leaders like Livingston lead the charge for cybersecurity protective measures, the odds of winning greatly increase against the nefarious characters trying to get into the game.