As coronavirus spreads, cybersecurity staff contend with increasing attacks, remote workers

I’ve been encouraging all my clients to conduct a threat modelling exercise, based on how they’ve set up remote access. “CEO using son’s gaming computer” was my favourite bit of feedback from these exercises…:

[…] “Much of the world has moved to a remote workforce with such great haste that cybersecurity challenges are inevitable,” Rick Holland, chief information security officer and vice president of strategy at digital risk firm Digital Shadows Ltd., told SiliconANGLE. “Once security teams have had an opportunity to come up for air, they should conduct risk assessments and red team exercises of the remote workforce. They should assess the attack surface of their remote workers, and security teams should evaluate potential security controls that need to be deployed. They should consider how adversaries exploit this new operational environment.”

Looking at the broader picture for the industry, Holland said that historically, cybersecurity is a sector of the economy where spending still occurs even in economic downturns. “There are risks to smaller and emerging firms but sales revenue and the amount of capital raised provides resilience,” he said. “To avoid going extinct, startups must have enough funds to cover operating expenses over the next few months to whether the COVID-19 storm.”

[…]

Original article here