The IT Security Pandemic
Pandemic in the Shadow - IT Security in the Cloud
COVID-19 has influenced almost all areas of our lives and in some cases changed them drastically. The pandemic has also had a considerable impact on the need for and perception of IT and IT security: For example, large sections of the population have come to understand the relevance of data security. This became clear, for example, in the debates about the Corona warning app and digital vaccination cards in relation to health data and geo tracking.
Companies and public institutions are increasingly relocating work and learning sites to the private sphere or to the home office. Many schools and businesses have developed ad hoc solutions for ongoing operations using digital tools and implemented them under time pressure. The companies' top priority was initially to keep operations running.
As a result, digital "stopgap" solutions for home offices and remote access were created in many places, which are not suitable for continuous operation - especially in terms of security. As the overall situation lasts longer, it is time to transform these "emergency solutions" into stable secure solutions - a difficult task in itself.
The IT security pandemic in the shadow of the pandemic
With digitalization intensified by the pandemic, the digital space is becoming increasingly attractive for cyber criminals. The Corona pandemic acts as a catalyst here: it reinforces increasing cybercrime and accelerates it. Fittingly, the media are talking about a "cyber pandemic" here.
Analogously, other familiar terms are being adapted: for example, there is talk of incidences, meaning successful cyber attacks in relation to possible attack targets. Changes and mutations of pathogens are compared with the adaptations and changed tools and methods of cyber criminals.
There are even asymptomatic courses in IT security: the "host" (computer, network, company, ...) only serves as a propagator until a target is infected where the criminals smell prey and can strike.
Protection against "pandemic-driving" systems is tough here. Once a system is infected, it is uncertain where deceptive backdoors may have been built in.
How do you protect your business from the cyber pandemic?
Software (e.g., SIEM tools) that intelligently and continuously monitors the flows and logs of a system can support the early detection of attacks. Artificial intelligence and trained algorithms are used to analyze extensive log entries for changes to settings and access sequences. Atypical or unexpected behavior is reported by the software and can then be verified. So that the response is fast if the worst comes to the worst, the company's own or commissioned IT security experts should be available and able to take action quickly.
Since the dynamics of such cyber pandemics are very high, adapting the systems to be protected is also costly and must be carried out continuously. A sustainable IT-Security Management for companies is therefore indispensable.
Staying up to date in terms of cyber security
Fortunately, defense mechanisms are evolving as quickly as attack strategies these days. Software manufacturers, for example, usually react quickly to new security vulnerabilities so that hackers are given as little time as possible to exploit the vulnerability. This was recently demonstrated in the case of the vulnerability discovered in Microsoft's Exchange server. Here, the BSI also reacted directly with a statement and recommended an immediate update of the software.
However, it is up to the user to decide how quickly the security gap is closed because they must cooperate and implement patches or updates. Therefore, it is extremely important that companies keep their systems up-to-date and do not neglect important security patches and updates. This important ongoing task can be entrusted to a professional service provider in the managed service operating model.
Staying up to date - yes, please, but without failures!
Depending on the system, security updates can lead to downtimes of machines or departments, which becomes particularly problematic if they are not operated redundantly.
The cloud provides a remedy here: via cloud systems, for example, parts of the organization and responsibility can also be handed over to providers and operating partners. The top 3 major hyperscalers, Microsoft, AWS, and Google, are responsible for the security of their infrastructure, for example. And they can do that; after all, dedicated teams are working around the clock to secure the systems.
In addition, it makes sense if a professional managed service partner also provides Security Operation Services for the installed systems and solutions. Such a partner can set up systems in such a way that virtually no downtimes occur for the end-user. Updates are installed at regular intervals and additionally on request by the operator.
However, the race to keep systems secure is ongoing. Therefore, developing new solutions and possibilities for protection against cybercrime must also be continuously driven forward.
We come back to immune systems, which work much like those of humans: healthy systems keep learning and never rest. So it's important to stay up to date, look for new vaccines against the new cyber pathogens, and not slack off.