Last week, Sequoia Capital penned an article about weathering a business downturn that went viral as fears around the global pandemic extended to every corner of the world. It talked about how, in some ways, business mirrors biology and quoted Darwin on who will survive as "not the strongest or the most intelligent, but the most adaptable to change."

This really resonated, as we fully subscribe to the notion that flexibility and adaptability are instrumental in our ability to thrive as individuals, as teams and as organizations. Today, this becomes more important than ever before particularly for security teams as businesses pivot toward all things digital in order to take recommended safety precautions in the face of crisis.

With much of the world's workforce mandated to work from home, it is imperative that security leaders take a step back from ordinary operations and focus their time and attention on taking the appropriate steps to guard against malicious or thrill-seeking threat actors, such as the fake coronavirus maps used to spread malware or fake text message "alerts" claiming to sell CDC-approved remedies to symptoms.

Here are five best practices our own team and some of our customers are implementing today that can help keep your organization as safe as possible during a time in which everyone is more susceptible to hackers.

1. Ruthlessly prioritize real security measures, and ditch security theater.

Security leaders have several competing priorities, from meeting existing regulations to moving your IT stack to the cloud to finding the right talent amid the most acute cybersecurity skills shortage we've ever faced. Use this as an opportunity to be brutally honest about which programs will have the highest impact and which ones can be classified as security theater countermeasures that provide a feeling of improved security and "check the box" but in reality do very little (if anything) to increase security. Focus on initiatives to form a solid foundation, such as creating a bulletproof incident response plan. Cut or table projects that aren't absolutely necessary to your security operations right now.

2. Brace for insider threats.

When it comes to cybersecurity, our minds are quick to jump to external threats we might be prone to. However, threats exist internally as well. If your company is in an industry where layoffs are either anticipated or inevitable, prepare to mobilize against internal threat actors who might act out. Implement data loss prevention solutions, and ensure you have relevant guardrails in place, such as logging and monitoring. Focus on a few specific use cases where you can intercept known risk, and amp up your security monitoring and incident response accordingly.

3. Bring social engineering to the forefront of internal conversation.

Social engineering uses fear and urgency to deceive victims into taking action. While some cybersecurity attacks exploit technical vulnerabilities in software, others exploit psychological vulnerabilities in human behavior, which is particularly relevant as people cope with higher-than-usual levels of mental stress.

Increase awareness around social engineering simply by starting the conversation and underscoring the importance of adhering to safe practices at home. For those who have not kept security top of mind, now is the time for them to start. It's your role to engage as many members of your workforce as possible to reduce overall risk. Warn of malicious links and provide validated resources for employees to check for updates. When in doubt, make sure your customers and employees know that if they see something suspicious, they can (and should) ask you about it, and provide a process and forum for communicating these concerns.

4. Develop contingency plans for mission-critical, third-party services.

You can only control what goes on in your own organization (to an extent). So what happens if the vendors you rely on get hacked, experience a breach or become unavailable? Take inventory of the services that your business operations would be severely impacted by losing access to. Reach out to vendors on that list, and, in partnership with those teams, create contingency plans that you can quickly adopt to minimize the impact internally.

5. Cement your seat at the table.

CISOs have been edging their way toward having a seat next to the CEO and CFO, but it's still not standard across organizations. As a security leader, you must be privy to what is happening at the highest level because business operations are changing daily if not hourly in the midst of this pandemic. Without staying abreast of how things are evolving at the organizational level, it becomes difficult at best and impossible at worst to align your security strategy with the overall business strategy. Now is the time to educate the C-suite around the changes to the threat landscape, the value of cybersecurity in identifying and mitigating risk, and short-term to midterm plans to weather the storm.

As security leaders, managing risk and operating under uncertainty is core to our roles. This is our opportunity to lead the way for others who are trying to figure out how to do the same right now. None of us can be sure how long this situation will last, but one thing is certain: We must do everything in our power to mitigate the risks that internal and external threat actors pose in order to protect our organizations.

See the rest here:
Five Best Practices Security Leaders Should Implement Now To Fend Off Threat Actors - Forbes