C.I.A. is even more important now with #COVID19 – C.I.A. or confidentiality, integrity, and availability of data is even more important now that we are in the era of the novel coronavirus pandemic (known as #COVID19). As companies send their workers home to work during the pandemic for undetermined amounts of time the issue of data security becomes even more critical.

Both organisations and individuals will need to be vigilant. Since the workers are dispersed far and wide and not ensconced safely in the office and directly connecting to the corporate networks so everyone will need to step up their security consciousness and their security operations.

Organisations are about to run a real life test of their business continuity plans. Many will fail. Here are some things to watch out for.

For organisations

Here are a few tips, this is not an exhaustive list:

• Ensure all machines have properly configured firewalls as well as anti-malware and intrusion prevention.
• Check your Virtual Private Network and other remote access channels, ensure that they are up-to-date and access systems are fully patched (there have been a number of recent VPN exploits).
• Test remote access solutions capacity. I suspect that many will need to increase capacity because most organisations did not plan on every single person in the company working offsite.
• Review business continuity plans and ensure that the cyber security team is in the room.
• Review your incident response plans and update them to accommodate the dispersed workforce and the increased risk.
• Ensure that staff know where to find help if they need it, and have multiple channels in case of an incident.
• Ensure that system monitoring is ready for detection and alerts of abnormal activity.
• Implement multi-factor authentication for staff (this should ideally be done during normal business and not during a crisis).
• Ensure that your cyber security posture is maintained. The temptation is to relax controls in response to a crisis, but make sure that any relaxation of controls is risk assessed and mitigating controls are applied.
• Ensure that staff know how to connect with the cyber security team via different channels.

For individuals

• Individuals will need to take care and ensure that they do not disclose any personal or corporate financial information in response to emails and text messages – even ones seeming to come from colleagues. Phishing attacks are already happening in respect of COVID19.
• It is also important to use trusted sources, such as government or medical websites, for current and fact-based information about COVID19. I often recommend the ABC podcast called Coronacast, hosted by Dr Norman Swan, for calm fact-based information about COVID19.
• Further, it is critical to use trusted wifi or home broadband connections with a VPN (if their company provides one, if their company does not provide one then it would be prudent to buy one yourself). DO NOT USE PUBLIC WIFI unless you have no other choice and then only with the protection of a VPN.
• Be ready to report any concerns about cyber security or suspicious emails and text messages to their cyber team.
• Individuals should also ensure that their anti-virus and anti-malware solutions are up to date, and turn on the firewall software on their devices.

Image: JohnManuel / CC BY-SA (https://creativecommons.org/licenses/by-sa/3.0)

There are increasing numbers of ransomware attacks on municipalities and governmental organisations in the US, with headlines like this. And Australia will not be immune to these attacks.

As Lawrence Abrams noted in Bleeping Computer: “Now that ransomware developers know that they can earn monstrous payouts from local cities and insurance policies, we see a new government agency, school district, or large company getting hit with a ransomware attack every day. For example, this week the Governor of Louisiana declared a state of emergency for the wave of attacks targeting school districts in the state.”

The insurance companies are paying out on these ransomware attacks. But in the very near future insurance companies are going to demand to see evidence of measures taken by the organisation to prevent such ransomware attacks. Based on the ease with which so many cities in the US were penetrated by advanced persistent threats (APTs) they will be entirely right to do so. A good example is the recent Baltimore ransomware attack which will cost the city over $18 million.

However, many organisations are not ready to operate in this kind of world. In the olden days criminals robbed banks because that was where the money was kept. Nowadays the criminals have turned to ransomware because enterprises are the soft target.

Insurers will be under pressure as payouts increase. As was recently noted in the following article payouts are increasing – Ransomware attackers set sights on middle market firms:

“A year and a half ago, the maximum amount we paid was about $7,500, but in many cases, we weren’t paying the ransom because we had the back-ups available to restore the data,” commented Horn. “Now we’re seeing ransomware demands regularly in the seven figures, more like $1 million, $2 million, and a few weeks ago we saw one for almost $4 million.

Do not expect the insurers to continue to take all of the risk. Get organised otherwise organisations will see premiums rocket. This means that every organisation will need to be able to substantiate their preparations to prevent or address ransomware attacks.

The US government has issued guidance on Steps to Safeguard Against Ransomware Attacks.

The Cybersecurity and Infrastructure Security Agency (CISA), Multi-State Information Sharing & Analysis Center (MS-ISAC), National Governors Association (NGA), and the National Association of State Chief Information Officers (NASCIO) have released a Joint Ransomware Statement with recommendations for state and local governments to build resilience against ransomware.

The steps that they include are simple:

1. Back up systems—now (and daily). Immediately and regularly back up all critical agency and system configuration information on a separate device and store the backups offline, verifying their integrity and restoration process. If recovering after an attack, restore a stronger system than the one lost, fully patched and updated to the latest version.
2. Reinforce basic cybersecurity awareness and education. Ransomware attacks often require the human element to succeed. Refresh employee training on recognizing cyber threats, phishing, and suspicious links—the most common vectors for ransomware attacks. Remind employees of how to report incidents to appropriate IT staff in a timely manner, which should include out-of-band communication paths.
3. Revisit and refine cyber incident response plans. Have a clear plan to address attacks when they occur, including when internal capabilities are overwhelmed. Make sure response plans include how to request assistance from external cyber first responders, such as state agencies, CISA, and MS-ISAC, in the event of an attack.

Featured image: Motormille2 [CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0)]

For 2019 the International Women’s Day theme is “Balance for Better” and with Ribit’s focus on ESTEAM students and accelerating innovation in industry, I am sharing my “own personal story and experience as an employee and employer, how you jumped started your career, leapfrogged your competition into great jobs to advance your career, along with what you look for in a student to hire”

How I got started in tech

I had no plans for a career in technology, I studied arts at university and originally wanted to be an historian. Then, many years ago, I was standing in the kitchen at work chatting with the CEO and happened to mention that there was a problem with the computer system in the office.

[Pro-tip: never casually mention problems to a CEO unless you are prepared to help fix them]

She mentioned that we needed an IT manager and, since I sounded like I knew about that ‘stuff’, asked if I wanted the job.  My ‘prudent’ response (having no experience at all for this job) was “yes”. And that is the true story of how my career in IT started.

Since then I have studied various technical subjects and have done many different jobs in tech and have enjoyed a fascinating career.

How I progressed my career

In the early days I did not even realise that I had a career until a mentor asked what I was doing about my career. At once I realised that it was up to me, I was going to have to drive my career because nobody else was going to do it for me. I started to think about myself as a product, started to look at the skills and qualifications required to progress my career. I started to seek out new opportunities and to learn new technologies.  Knowing stuff is important, and knowing how to apply it is even more important.

Ability to execute is critical

Many people have great ideas, but few have the ability to execute on them. This, together with enthusiasm, is probably the key thing I look for in a new team member. The ability to execute is all about delivery, it means not taking things at their face value, following through and delivering without excuses. It also means closing the loop on things, and ensuring that the item is delivered with the best possible result. 

Decisions are made by those who turn up

This is one of the most important lessons to learn. If you are not at the table then you will not be participating in the decision making. Participation is important, especially when it is accompanied by enthusiasm and an ability to execute. 

This is the second thing I look for in new team members – folks who turn up and are reliable.

Balance?

I must confess that I am very unbalanced by some people’s standards. I work a lot, study, have startup interests, and have family and friends. That is balanced for me. You need to find what is balanced for you. Don’t let anyone else decide for you.

Sometimes you will want to focus on an opportunity and that is okay. Other times you will want to make space in your life for other things. The important thing is doing what is right for you at the time.

An important factor in maintaining balance is being yourself. This means being vulnerable, but I think that it is worth it in the long run.

Another important part of balance is being thoughtful and reflective about how you are feeling, how you are performing and how your relationships are going. This kind of regular temperature check means that you can rectify things if you are starting to get off track – because balance is not just about work.

Perhaps the most important thing in maintaining balance is ensuring that you keep up significant relationships – family, friends, partners. This will ensure that you have other parties who can also reflect on your journey together with you.