As organisations have adopted remote working solutions to maintain business continuity, the security landscape has also undergone a drastic change. There is a critical need to realign security strategies and solutions to effectively protect operations in the current scenario.
To understand how industry leaders are protecting the operations of their organisations, YourStory hosted the third episode in the ‘Future of Work’ webinar series, powered by Cisco Webex, on May 21.
Moderated by Shradha Sharma, Founder and CEO of YourStory, panelists for the webinar included industry leaders Shalini Warrier, Executive Director, Federal Bank; Bala Ramanan, Senior Director – Risk & Compliance, Microland; Kumar KV, Group CIO, Narayana Health and Vishak Raman, Director, Security Business, Cisco India & SAARC.
The situation on ground
When asked for an overview of the state of cybersecurity at Federal Bank, Shalini said that while the banking sector is more prone to such attacks, there has not been a material rise since the onset of the pandemic. However, the attackers are pivoting their strategy and capitalising on the pandemic.
Bala from Microland said that this challenge has created a domino effect, affecting all stakeholders.
“While Microland had a crisis management system in place, it never accounted for a two-month, work from home scenario.” He added that all security measures had to be recalibrated to consider thousands of employees working from unknown systems, networks and devices, most without the right security measures.
Kumar from Narayana Health said the pandemic has brought about the meteoric rise of telemedicine.
“Our main challenge, from a team standpoint, was getting the remote working solutions in place within a couple of weeks after the announcement of the lockdown, and getting everyone to collaborate and communicate on the platform that we have in place,” he added.
Rethinking security practices in the new normal
When asked about the measures in place to adhere to RBI guidelines while working from home, Shalini said they have carved out various teams to ensure continuity of critical operations which included security operations, transaction monitoring, payment services, and IT operations. As an added measure, these teams were also quarantined in separate facilities at the beginning of the lockdown Shalini added.
When asked about the security measures implemented to carry out remote diagnostics and online health consultations, Kumar said, “The adoption of telemedicine meant patients have to send records online, and doctors have to upload prescriptions in return. We use Cisco Amp for end-point security, Cisco StealthWatch to monitor the entire infrastructure, and Cisco Umbrella to prevent malware from compromising this personal data. We also carry out data filtering with Cisco Umbrella for any malicious entities,” he said.
Enforcing best remote working practices
Shalini said though the banking sector traditionally never saw work from home practices, cybersecurity has been a priority since the beginning.
“We have carried out a lot of training with our employees through webinars, infographics, and e-learning programmes, and remote working on a rotational basis. We have conducted phishing simulations, and enhanced employee monitoring to see how customer data is being accessed. Those accounts that are seeing suspicious activity are put on high risk, and are monitored regularly,” she said.
Bala said that in a remote work environment, the end point becomes the new security perimeter.
“The access point has now shifted to the homes of employees. We got them to use OpenDNS, which is the public version of Cisco Umbrella to improve security,” he said, adding that with remote working, there was an increase in the volumes of emails being sent.
“There were a lot of phishing attempts, which could jeopardise the organisation and even the customers. We doubled down on our email security gateway, looked at spam reports, and we narrowed down the source of these threats,” he said, adding that they then informed the users that they were being targeted.
The way forward
When asked how the security landscape has changed, and the steps needed for businesses to secure their operations, Vishak Raman from Cisco said, “In the COVID-19 threat landscape, a lot of the attacks have shifted to the end-point. The question then rises as to which devices are operating securely, which ones can be trusted, and whether the identity of the user of that device is compromised,” adding that identity based attacks, end points, remote desktop protocols and drive by install were the prominent threats.
According to Vishak, it takes four layers to secure operations – Securing VPN access, adopting multi-factor authentication to ensure trustworthiness of users and devices, enforcing DNS layer and security when required, and securing end-points by carrying out data encryption and malware protection. “If you miss out on having your security operations in place, then it will become an issue, even if you have the necessary security controls in place,” he said.