We are joined by a Power Panel of industry leaders who share their insights on this critical issue.Join a Twitter discussion with industry leaders on “Managing Cyber Threats while Working Remotely”- Tune in at 11 AM EDT #STinsights. Visit https://t.co/16ERZxIgDz #OneHCL pic.twitter.com/z6It71DEaO
— CIO Straight Talk (@CIOStraightTalk) May 21, 2020
We kick the session off by discussing the digital vulnerabilities of remote work.We have an amazing panel with us today. We’ll be introducing them in the upcoming tweets. #STinsights. Visit https://t.co/16ERZxZS29 for more such discussions. #tweetchat #OneHCL pic.twitter.com/WuxWnIleJb
— CIO Straight Talk (@CIOStraightTalk) May 21, 2020
Malicious agents will always be quick to take advantage during times of crisis by any means necessary.We are going live with the #Tweetchat. Here's the 1st question. #STinsights #OneHCL pic.twitter.com/lcDrDSwGLI
— CIO Straight Talk (@CIOStraightTalk) May 21, 2020
1/2
— Vikram Thakur (@vthakur) May 21, 2020
Actors leveraging the pandemic by exploiting trust users have in gov & legit programs. They stop at nothing-SMS phishing, stimulus check fraud, phishing using CDC/WHO/etc,peddling malware,and selling fake prdcts as remedy https://t.co/eBDtO3IT1C@CIOStraightTalk #Stinsights
2/2
— Vikram Thakur (@vthakur) May 21, 2020
Club that with lowering cyber-controls to allow employee access to resources that were not designed for remote access, cutting corners by disabling VPN/MFA, and allowing unmanaged phones to store corp data/email is happening often@CIOStraightTalk #Stinsights #OneHCL
Unfortunately, weak moments propel businesses to shift strategies and cyberattackers are always waiting to cash-in on an opportunities like these — It’s the perfect moment to exploit weak spots. @CIOStraightTalk #Stinsights #OneHCL #COVID19
— Sanjay Katkar (@sanjaykatkar) May 21, 2020
A1: MyPOV is that the security risks are the same as they were pre-COVID19, just amplified by the increased number of "work from anywhere" employees. #data #security and access are probably the top issues #STinsights #OneHCL
— mike d. kail (@mdkail) May 21, 2020
#STInsights, Employees accessing business data from unsecured networks will cause significant cybersecurity risk. Secondly, business-sensitive data hosted on personal devices & the use of third-party apps will allow hackers to trespass enterprises and launch large-scale attacks
— Sanjay Katkar (@sanjaykatkar) May 21, 2020
A1: Due to the lack of security frameworks and enterprise policies, #WFH machines becomes low-hanging fruits for hackers who are eyeing for quick cash-ins on vulnerable systems.#STInsights #OneHCL pic.twitter.com/Ql042Dtjte
— Moin Shaikh @TeensInAI Mentor (@moingshaikh) May 21, 2020
An unprecedented crisis is the doorway to new knowledge and realizations.Q1, Remote worker protection, Fatigued Remote worker, increased attack surface, redefine protection of IPs and other crown jewels and complex environment for detection and response #STinsights @CIOStraightTalk #OneHCL
— Renju Varghese (@renjuv) May 21, 2020
Enterprises must develop digital resilience not only in their infrastructure but their workforce as well.Join in the conversation using #STinsights #OneHCL #Tweetchat. And our second question is: pic.twitter.com/3kQIAdrK9p
— CIO Straight Talk (@CIOStraightTalk) May 21, 2020
A2: I have seen many companies and teams realizing now that security is "shared" responsibility.
— Moin Shaikh @TeensInAI Mentor (@moingshaikh) May 21, 2020
Org. can no longer rely on their solid security tools and network infra alone to protect the systems and data. Employees have to play their role, too.#STinsights #OneHCL
A2: Unfortunately many are learning how ill prepared they were for any sort of "event" -- not having enough laptop, mobile device inventory, not enough VPN capacity, no communication guidelines. This is a people and process issue, not tech #STinsights @CIOStraightTalk
— mike d. kail (@mdkail) May 21, 2020
.@mdkail Agree, that has been a very interesting discovery. Meanwhile what is your take on the business continuity aspect of the organization.#STinsights @CIOStraightTalk #OneHCL
— Renju Varghese (@renjuv) May 21, 2020
It's about "Disaster Resiliency" instead of "Recovery" in order to deliver business continuity #STinsights @CIOStraightTalk
— mike d. kail (@mdkail) May 21, 2020
The biggest lesson is the sheer unpreparedness of a large scale remote office deployment. Businesses are not able to cope up with the lavish spread of devices resulting in IT teams losing control of the new eco-system. #STinsights #OneHCL #TweetChat
— Sanjay Katkar (@sanjaykatkar) May 21, 2020
.@Sanjaykatkar absolutely agree. The new evolution on how to identify, re-evaluate and come-up with a necessary spread of devices and managing will be crucial. #STinsights @CIOStraightTalk #OneHCL
— Renju Varghese (@renjuv) May 21, 2020
Right. And to add to that separation of personal and official data on the personal devices being used in the organisation.
— Sanjay Katkar (@sanjaykatkar) May 21, 2020
To scale an org's workforce to WFH, the fundamentals need to be in place. Bizs depending on personal equipment to connect a remote workforce to corp networks lack control to their data while exposing the org to a new class of risk.@CIOStraightTalk #Stinsights #OneHCL
— Vikram Thakur (@vthakur) May 21, 2020
.@vthakur. Adding further, this pandemic situation also brought the necessity of building a definitive set if inventory of all the devices that are used remotely to connect to the enterprise environment.
— Renju Varghese (@renjuv) May 21, 2020
Q2, Keeping remote devices patched and upto date, Remote access is a necessity, Cybersecurity is now very critical for business functioning, Business continuity is an absolute necessity #STinsights @CIOStraightTalk #OneHCL
— Renju Varghese (@renjuv) May 21, 2020
Of course, enterprises are taking a number of steps to proactively address these threats.Poor hygiene, non-standardized apps, & inability to limit flow of corp information are the CISO's worst nightmare@CIOStraightTalk #Stinsights #OneHCL
— Vikram Thakur (@vthakur) May 21, 2020
A holistic approach that encompasses worker training and systems enhancement is the way forward.Time for our third question for the forum. Keep the questions coming! Join the conversation using #STinsights #Tweetchat #OneHCL pic.twitter.com/Rj9FF18NmQ
— CIO Straight Talk (@CIOStraightTalk) May 21, 2020
Not letting basics slip. Stay up with patches. Do vuln scanning. Have good password hygiene. Use MFA. Follow least privilege. Standardize on technologies. Standing up VPN infra for more bandwidth.@CIOStraightTalk #Stinsights #OneHCL
— Vikram Thakur (@vthakur) May 21, 2020
A3: I would hope that proper incident response procedures were already in place and tested regularly well prior to COVID19 #STinsights @CIOStraightTalk
— mike d. kail (@mdkail) May 21, 2020
.@mdkail Agree that is very needed basic hygiene. Meanwhile can you also comment on the need to have segregation zones in the remote working models.#STinsights @CIOStraightTalk #OneHCL
— Renju Varghese (@renjuv) May 21, 2020
In addition to the "defense in depth" point I just made, RBAC - Role Based Access Control is another best practice to help here #STinsights @CIOStraightTalk
— mike d. kail (@mdkail) May 21, 2020
Q3, Enhancing Endpoint Security, Addressing employee wellness to reduce employee fatique, IAM & PAM programs, re-looking at protection for IPs & crown jewels #STinsights @CIOStraightTalk #OneHCL
— Renju Varghese (@renjuv) May 21, 2020
Being prepared for disruption demands that follow the best ideas and processes.A3: The most cyber-proof organizations are doing what they do best: training employees on fundamentals of #cybersecurity.
— Moin Shaikh @TeensInAI Mentor (@moingshaikh) May 21, 2020
No safety tools and tech work until and unless employees understand and work diligently.
"Security is a shared culture"#STinsights #OneHCL
Ensuring that best practices are followed at every level can mitigate major risks.A big shoutout to everyone on our panel. Here’s our fourth question. Join the conversation using #STinsights #Tweetchat #OneHCL pic.twitter.com/IQgUUpuQx2
— CIO Straight Talk (@CIOStraightTalk) May 21, 2020
A4: Not new, just best practices and the following 2 are great baselines
— mike d. kail (@mdkail) May 21, 2020
* Defense in Depth -- Multiple layers of #security
* Zero Trust -- Trust Nothing, Verify Everthing#STinsights @CIOStraightTalk
A4> Quick Heal had advised on the immediate adaptation of certain capabilities in the core of the enterprise for remote working — these protocols are rapidly picking up. The advisory can be found in one of our recently published blogs.https://t.co/Ppo2KzvnTV #STinsights #OneHCL
— Sanjay Katkar (@sanjaykatkar) May 21, 2020
Mandating patch and AV levels before allowing VPN connectivity. Rapid adoption of MFA. Raising awareness of processes to report security issues. Encrypting devices. At the end of the day, there is no substitute for a savvy informed workforce@CIOStraightTalk #Stinsights #OneHCL
— Vikram Thakur (@vthakur) May 21, 2020
And finally, our panel explains what we can expect in a post-pandemic world.Q4, Best Practices for Clear definition & enabling of Role-based access, Employee Awareness programs, Patch Management programs, improving belief in the Remote worker #STinsights @CIOStraightTalk #OneHCL
— Renju Varghese (@renjuv) May 21, 2020
The nature of work will shift beyond offices and workplaces to accommodate the needs of a post-pandemic world.Here’s our final formal question to the panel—but keep shooting YOUR questions, using #STinsights #OneHCL pic.twitter.com/dCZhGT6nSU
— CIO Straight Talk (@CIOStraightTalk) May 21, 2020
A5> A remote working policy will become a standard in the new normal — the world will see a wave of third-party collaboration apps for better functionality. It will become vital for CXOs to re-look at their cybersecurity framework post-pandemic business world. #STinsights #OneHCL
— Sanjay Katkar (@sanjaykatkar) May 21, 2020
Companies will rethink their work at home strategies. More and more WFH will become 'normal'. We will hear more and more "zero trust" if not already implemented.@CIOStraightTalk #Stinsights #OneHCL
— Vikram Thakur (@vthakur) May 21, 2020
A5: In the post COVID work era, we are going to see organizations putting more emphasis on "remote security" systems.
— Moin Shaikh @TeensInAI Mentor (@moingshaikh) May 21, 2020
Companies are going to continue embracing remote work, hence they're likely to adopt the "security anywhere, security everywhere" concept.#STinsights #OneHCL
Q5, The new normal would be Social Distancing is a norm, hence distributed work-force – in-office + remote, working with secure collaborating environments and secure remote access #STinsights @CIOStraightTalk #OneHCL
— Renju Varghese (@renjuv) May 21, 2020
And with that, we wrap up another illuminating session with our esteemed panel. We wish you the best of health and safety. Until next time!A5: I'm a broken record in the fact that I've continually said it has been "WFA - Work From Anywhere" for several years now and increased during the pandemic and will remain at this elevated state going forward #STinsights @CIOStraightTalk
— mike d. kail (@mdkail) May 21, 2020
A big thank you to our Power Panel for their #STinsights and those who joined us for this exclusive discussion on our #Tweetchat #OneHCL pic.twitter.com/ElX8KMk7r6
— CIO Straight Talk (@CIOStraightTalk) May 21, 2020
We’ll close the #Tweetchat with an article by Maninder Singh, Corporate VP, CyberSecurity Services, @hcltech, on what you should be doing as #WFH goes viral and the pressure from cyber security threats goes up. https://t.co/xhxra0fpfA #STinsights #OneHCL
— CIO Straight Talk (@CIOStraightTalk) May 21, 2020