Nature is so beautiful; it creates a perfect balance for all creatures. The animals, the plants and the aquatic creatures all live in a complete, harmonious entity called an ecosystem, and each depends on the others for survival. The desire for survival, however, has created a seeming competition among the fauna and flora that make up the ecosystem.
Of great interest is the life of the aquatic species called salmon. Salmon live safely and enjoy the beauty and rich flora of water bodies. They thrive so well in the rivers and are shielded naturally from the risk of predators such as bears, eagles and other birds of prey. However, studies show that during the breeding season, salmon leave their natural environment (ocean water) and travel against the tide to freshwater.
In a documentary on salmon on NATGEO Wild (a TV documentary series on Nature), it was fascinating to see these beautiful creatures go against all the odds to survive. During the breeding season, salmon travel miles against the tide, navigate shallow waters, and jump from lower waters across the waterfalls to freshwater. This journey is quite exhausting and dangerous, but it appears to be the only way for salmon to survive (breeding is an essential ingredient for survival).
A constant danger on these survival journeys is the bears, wolves, eagles and other birds of prey. These animals know the breeding season and instinctively understand the waterways so well that they congregate at the shallow waters to wait for the struggling salmon, which they cherry-pick effortlessly. Very few salmon make it to the fresh waters to spawn and continue the survival cycle.
The salmon’s journey for survival and continuity may be likened to the ordeal of business organizations and institutions, especially during the global COVID-19 pandemic, which has caused government and industry regulators to order company shutdowns across businesses to minimize human exposure to the COVID-19 risk factor. Businesses are expected to comply or risk heavy sanctions. But businesses have to survive. One way of ensuring survival is to evolve a new business model. The Work-from-Home (WFH) or Remote Work Model (RWM) has gained popularity, and many businesses, including government organizations, are considering and adopting this model, which is analogous to the salmon’s instinct for survival.
Moving from the prevailing physical model to cyberspace, lofty as it may seem, is a journey suffused with risks that organizations have to be aware of if they are to achieve continuity of their businesses unscathed. Just like the journey of the salmon, cyberspace has many bears, wolves, eagles and other predatory animals waiting to conveniently cherry-pick organizations’ critical data and assets for various malicious purposes.
Just like the predators attacking the unsuspecting salmon on their quest for survival, the cyber predators are lurking, waiting for organizations and businesses to commence the journey into the unfamiliar cyber terrain through models such as the Work-from-Home or Remote Work Model. They know full well that many organizations jostling to adopt these models behave just like the salmon: their focus is on getting to the fresh waters (continuity of business operations), with little or no consideration of the dangers or risks lurking on their way.
Before the corona pandemic, statistics on cyber incidents from research institutions painted a very gloomy picture of Nigerian businesses with a cyber presence. Threat Intelligence Reports from Check Point, a renowned institution monitoring cyber threats globally, show that, among others, on average:
- A typical organization in Nigeria with an internet presence has been attacked 1292 times per week in the last six months (October 2019 to date), compared to 411 attacks per organization globally. (With COVID-19 and the changing business model, this figure would have doubled.)
- 88% of the malicious files targeting institutions in Nigeria were delivered via e-mail, compared to 66% of malicious files globally. (This is a result of the low cyber-risk awareness level in most businesses in Nigeria.)
- The most common vulnerability exploit type in Nigeria is Remote Code Execution (RCE), impacting 70% of the organizations in the country. (RCE gives the attacker the ability to take control of organizations’ systems in Nigeria.)
All of this is happening with organizations operating a 90% physical model and less than 10% cyber presence or dependence. One can only imagine the volume of undetected attacks now that most organizations are adopting or considering the “Work-from-Home” model, which obviously increases the attack surface, thereby creating ideal conditions for attackers that seek to take advantage of the corona pandemic.
The RWM requires organizations’ personnel to connect remotely to their respective offices to do their work and to access business emails and applications using home devices, which most often are not protected by the corporate firewalls and anti-phishing security controls (if they exist). Most times, connections are made using home routers, which are ungoverned. Browsers on many computers provided by companies hold sensitive information like user IDs and passwords, and attackers find these an easy target for obtaining remote credentials and performing malicious logins to the corporate network. With the low level of security awareness, phishing campaigns through email make employees at home a soft and easy target.
One might be tempted to argue that connections to corporate networks (in the Work-from-Home model) are made via a Virtual Private Network (VPN) and are therefore secured. This posture provides a false sense of security, as attackers, according to PCYSYS (“Proactive Cyber Systems”), could easily transform a VPN, by way of an “owned” computer, into a magical back door to the organization’s network.
As overwhelming as this might be, taking the necessary precautions as prescribed by ISACA Abuja and other cybersecurity professionals globally might guarantee successful navigation to safety, and hence business continuity, as an organization considers the RWM. These measures apply to businesses (government and non-government) as well as individuals. The measures include:
- Companies carefully considering setting up a Cyber Risk Management team to evaluate all possible risk scenarios
- Ensuring that adequate IT resources are in place to support staff in case of technical issues while teleworking, and providing relevant information, e.g. on contact points, to staff.
- Investing more in creating awareness of the do’s and don’ts while working from home.
- Ensuring employees’ devices comply with the organization’s internal policy and have up-to-date security software and security patch levels, and that users are regularly reminded to check patch levels. It is advisable that a replacement scheme for failing devices is also in place.
- Ensuring all corporate business applications are accessible only via encrypted communication channels.
- Ensuring Data at Rest (DAR) on employee laptops is encrypted to protect against unauthorized disclosure in the event of theft or device loss.
- Where possible, getting full protection from credential theft through phishing or social engineering as well as malware, exploits, ransomware, and other email-delivered threats, by investing in relevant services
- Safeguarding access to application portals through the use of multifactor authentication mechanisms.
- Vetting Bring-your-own-device (BYOD) such as personal laptops or mobile devices from the security standpoint.
- Ensuring policies for responding to security incidents and personal data breaches are in place and that staff are appropriately informed of them.
- Ensuring that any processing of personal data by the employer in the context of remote working is in compliance with the local legal framework on data protection, such as the Nigeria Data Protection Regulations (NDPR).
- Ensuring that employees are discouraged from sharing virtual meeting URLs on social media or other public channels. (Unauthorized third parties could access private meetings in this way, thereby breaching business confidentiality.)
Finally, ISACA Abuja wishes to advise Nigerians to be particularly careful with any emails referencing the coronavirus, as these may be phishing attempts or scams.
ISACA is a not-for-profit global organization with over 140,000 members practising in about 180 countries (about 2,500 members in Nigeria). Through its chapters like ISACA Abuja, ISACA has been at the forefront of promoting the development and education of Cybersecurity, IT Governance, IT Security, Assurance, Risk and Control globally.
ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. For instance, one of ISACA’s products is COBIT, an IT Governance framework that has been globally acknowledged as very robust and relevant to the business. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT professionals it serves.
ISACA’s globally recognised certifications include:
- CISA (Certified Information Systems Auditor)
- CISM (Certified Information Security Manager)
- CGEIT (Certified in the Governance of Enterprise IT)
- CRISC (Certified in Risk & Information Systems Control)
- CSX (Cyber Security Nexus)
(Pieced together for ISACA Abuja Chapter by Ime Udoko – CRISC, CISA, CGEIT, OCP, IT Project+)
Ime Udoko is presently the Director of Research and Marketing, ISACA Abuja Chapter.