I recently wrote about how COVID-19 was driving rapid and dynamic changes for CISOs and a series of cybersecurity phases CISOs are now pursuing to assess and mitigate COVID-19-based cyber risks.
In both of those blog posts, I describe the fundamental problem of corporate cybersecurity now extending to home networks filled with insecure IP-connected devices; meanwhile, hackers are exploiting societal malaise with online scams, rogue websites, and phishing campaigns preying upon COVID-19 paranoia. A recent article in the Washington Post described research from Palo Alto Networks identifying more than 2,000 malicious COVID-19 web domains and another 40,000 it classifies as “high risk.”
So, work-from-home (WFH) initiatives have greatly expanded the attack surface and pivoted traffic away from corporate networks instrumented with tried-and-true security controls. CISOs are struggling to figure out what’s out there and whether they are vulnerable to a growing barrage of COVID-19 cyber-attacks.
What can be done? Just like COVID-19 itself, one way to address this situation is through testing, testing, testing. Rather than novel coronaviruses and antibodies, however, WFH security vulnerabilities can be assessed through new types of continuous automated penetration and attack testing (CAPAT) tools.
These tools are provided as a SaaS offering so there’s no onsite hardware/software to install and operate. While CAPAT tools weren’t designed for WFH explicitly, I believe that CISOs may find them to be helpful for addressing current COVID-19 challenges by: