Cybersecurity in a time of Covid-19

No one event has had the focus of the world at this scale in the last decade. As IT teams are working round the clock to ensure that organizations continue to function and teleworkers are able to access their assets & data, attackers could use this an opportunity to slip under the radar & conduct a successful cyber-attack.

This article aims to help bring you up to speed on changed threat landscape & how can you secure your organization in times of a larger threat landscape due to teleworking.

  • Increase in malware, ransomware, phishing e-mails targeting the weakest link in security – People: Cyber criminals are taking advantage of the fact that employees are teleworking. A majority of these workers are teleworking for the first time. The last few days have seen a multitude of phishing e-mails impersonating management executives or, HR being sent with information about Coronavirus. Additionally, these e-mails are being used lure end users to download files or, access malware laced websites Attackers are even luring users to a coronavirus map to infect endpoints with AZORult malware. Hackers are stealing user information from browsers associated to including usernames, passwords, credit card numbers etc. Check Point has stated that coronavirus related domains are 50% more likely to install malware on endpoints. It is important for users to verify the identity of the sender through visual inspection of the e-mail address before downloading files or, following a link listed in the e-mail. Additionally, the spam gateway should append text stating that the e-mail is from an external source. Secondly, ensure that the anti-virus is up to date on all endpoints & being run on a daily basis.
  • Secure Communication for Teleworkers : Organizations need to mandate that all communication is encrypted. This would range from ensuring that all business application is accessed via SSL and internal resources through VPN. Due to the increase in teleworking, attackers could attempt to sniff sensitive information over networks. If encrypted, attackers are left with no sensitive information.
  • Mandating MFA across the organization : It is important to only allow access to all assets through an additional layer of authentication – MFA (Multi Factor Authentication).
  • Additional Layer of Verification by the IT Helpdesk : All queries to IT Helpdesk should be verified through an additional layer of questions to validate identity of the employee. Additionally, all users should verify e-mails/phone/communication from their IT Helpdesk.
  • Increased Risk due to possible use of personal devices or networks : There could be a possibility of employees who would use personal devices to access company data/assets or, save data in insecure locations for quicker/easier access like free file sharing apps, public code sharing platforms etc. to bypass the added step of sharing by connecting over VPN or, even via public networks. It is important to ensure that the internal teams are re-iterating the importance of security in times like these.
  • Protection of Devices & Data in public places : It is important to be careful in public places as attackers could attempt to distract the employee whilst an adversary could steal devices, printed documents etc. Working from public places should be avoided especially via public Wi-Fi as attackers could attempt to steal sensitive information. All devices should be locked when not used and the screensaver should be activated in 2 minutes. All devices should have an antivirus and possible MDM to ensure that it is devoid of malware.
  • Patching : Attackers are aware that patching maybe slower than the usual on all user endpoints & servers and could the opportunity to attack assets with known exploits to well documented vulnerabilities. It is important that fixes, updates are pushed centrally before connecting to the internal network.
  • Bolstering your BCP & conducting a BIA (Business Impact Analysis) : It is important to bolster your current IR plan & BCP. Additionally, a BIA would help assess the impact of the pandemic & how a cyber attack could impact the organization. Organizations should brace for disruption and anticipate & prepare for a possible cyber threat.

1 Minute Guide to the Updated HITRUST Scoring & Metrics for 2020

At the start of the year, HITRUST released an updated methodology for scoring requirements. This will ensure that organizations focus on maintaining a robust program with implemented controls for enhancing security posture and adherence to HITRUST.

Hence, if you’re on the path to HITRUST or new to it, the following will be applicable to you:

  1. HITRUST will now place a greater influence on implementation of controls
  2. It can potentially increase the number of Corrective Action Plans (CAPs) due to gaps in implementation.
  3. The increase in CAP’s in implementation would correspond with a decrease in the number of CAPs attributed to gaps in policies and procedures as well as an increase in the scores for managed & measured if implemented well.
  4. A greater emphasis will be placed on procedure in comparison to policy.
  5. HITRUST wants to ensure that SOPs are well documented, but more importantly, followed with workflows and ownership.
  6. Assessors and enterprises will now be able to objectively score each control using the Control Maturity Rubric.
  7. Managed now holds greater importance in comparison to measured.

The key takeaways are as follows:

1) Change in weightage

Maturity LevelsOldNew
Policy25%15%
Procedure25%20%
Implemented25%40%
Measured15%10%
Managed10%15%

2) Updated HITRUST Control Maturity Rubric

An objectively defined control maturity rubric is in place. It will aid in quantifying current state of controls during self-assessments for HITRUST prospective enterprises & for validated assessments. There are 5 tiers for assessing the strength of the control (policy, procedure, implementation, measurement and management) and 5 tiers for assessing coverage and adherence.

3) Applicability

The new scoring rubric is applicable for all myCSF material created and all assessments (self and validated) submitted to HITRUST in the year 2020.

4) Will the new scoring metrics impact already certified organizations?

Not yet, but it will play a role in re-certification. The metrics associated with the original assessment will be applicable for the interim assessment. 

Due to the updated assessment guidelines, companies up for re-certification will be required to implement their CAPs associated with implementation. In turn, this will aid in increasing your implementation score, and, consequently, increase your scores for measured and managed.

    Ready to Start?



      Download Case study




        Download Guide




        Human Resources Director

        Posted On: 09 May, 2022

        Drop your CVs to joinourteam@accorian.com

          Interested Position

          First Name

          Last Name

          Email

          Total Experience

          Mobile Number

          Upload Resume