Old School Security Tips that are More Relevant Than Ever

Cybersecurity hygiene has never been as crucial as it is today. We are working remotely, putting in more hours and dealing with new situations we haven’t experienced. For many, this change is not only stressful, but also distracting. These changes have upended the traditional workday and, in many cases, our concentration, which introduces risk. Even the most security-conscious engineers and employees might miss something important or overlook a task that would previously be a routine security activity.

Back to Basics

We have seen an uptick in cyberattacks in recent months with disruption caused by phishing campaigns, DDoS and data theft. These have always been the three most common attack vectors, but the pandemic has allowed malicious actors to take advantage of what they view as an opportunity. According to a report by Interpol, during the period of January to April 2020, more than 48,000 malicious URLs were created, which would have been used for phishing attacks and malware delivery.

Simultaneously, technologies are being introduced, enhanced and expanded almost daily to support new ways of working, with investments going into home offices and proximity tracing and 5G leading the charge.

With this level of acceleration, now seems like a good time to step back, take a breath, and reconsider the basics of cybersecurity. This does not mean slowing down, but rather taking stock of the situation to ensure that all the right boxes are ticked and innovation is not getting ahead of protection. Remember, one misstep could cost millions in revenue, brand and reputational damage.

Step 1

Adequate endpoint security should be the first area of focus, ensuring that every device has protection in place. This is foundational to keeping threats at bay and sometimes gets overlooked with the assumption that ‘it is working.’ With so many remote workers, enterprises must ensure their employees are using suitably secured and centrally managed devices, whether personal or corporate-owned. At a minimum, each device should have anti-virus and intrusion detection with data-loss prevention capabilities installed to protect local data, with cloud-based email security for phishing and malware detection.

Check that there are policies to automatically update anti-virus and endpoint protection signatures, as this helps protect users against direct phishing attacks that can contain a ransomware payload. Also, review the cloud email policies. Ensure that these are up to date and can spot untrusted content being sent as attachments to users.

Step 2

The next place to review is the network firewalls. These are essential for controlling access, ensuring that only good traffic gets in and anything suspicious is rejected or reported. At the least, today’s enterprise will have next-generation firewalls on the network. These devices can look inside network traffic, identify threats at an application level, perform anti-malware actions or reject packets from untrusted sources. Take time to review the firewall policies; these are not always updated regularly and may be outdated or need replacing.

Going one step beyond the traditional firewall – and into an area where we see investment due to the increase in threats targeting home workers – is the addition of Advanced Threat Protection. This solution uses a combination of machine learning and signature testing to identify unknown traffic before it enters the network. If this detection is not successful, then the traffic is loaded into a sandboxed operating system, which causes it to activate and self-identify. This provides an additional security layer over the traditional next-generation firewall and can even detect malware that may not have been visible in any signature database.

According to a recent report commissioned by Juniper Networks, more than 80 percent of security teams need better visibility. One of the biggest challenges is not missing an alert amongst vast amounts of traffic. This is where the SIEM (Security Information and Event Management) is vital and many enterprises will have one in place – but how well is the monitoring tool managed? Being able to analyze data for visibility can provide indicators of a potential threat. Still, if the SIEM policies have not been reviewed or updated since it was deployed, it’s too easy to miss something or become overloaded with false positives. Offices with reduced staff, many remote workers, over-worked VPN concentrators and employees using personal devices increase the possibility of a breach or attack. Take time to look at what the SIEM is collecting and reporting and ensure that it has been updated to consider changes in the threat and working landscape.

Step 3

The final piece of the cybersecurity puzzle to review is the users. For many of us, the workday has changed significantly. We are no longer spending time with colleagues in an office or on the road to events and meetings, but instead working at home with a greater reliance on technology for contact and content. Remote workers must take additional responsibility for keeping data safe from attacks, but it is the role of the company to provide training, awareness and tools to make this happen. This does not need to be complicated or time-consuming, but should cover the following areas:

• Ensure that home Wi-Fi passwords are secure and anti-virus is installed on all computers at home – not just the work laptop

• Remind employees that a suspicious email still needs to be deleted

• Emphasize that just because you are the only person in the house, it doesn’t make locking the laptop screen any less critical

As security specialists, we can sometimes forget that other employees do not have the tuned sense of awareness that comes with our role. Putting the foundations in place for reliable security will prevent many threats from getting in. Still, going back to basics and promoting security awareness and hygiene are the key components in keeping things safe in confusing and challenging times.
