|
A new survey of security and IT leaders by csoonline.com sheds light on how organizations across industries are dealing with the COVID-19 crisis, how prepared they were when the pandemic first hit, how vulnerable they are, and what the long-term impact on companies may be.
Unsurprisingly, the survey found there has been an increased number of employees working from home. It also found that more than 26% of survey respondents said their organizations have seen an increase in the volume, severity, and scope of cyberattacks since March 12, 2020. Only 54% of survey respondents indicated their pandemic (business continuity) plans prepared them for the current situation.
As our reliance on the internet and its underlying infrastructure of domain names, domain name system (DNS), and digital certificates has increased dramatically during this pandemic, so has the threat of these digital assets being attacked.
In our recent white paper, “Beyond the Firewall: Implementing DNS Defenses to Mitigate Online Vulnerabilities and Threats”, we explained that DNS forms the underlying infrastructure for how the internet works, serving as a directory to point users to the right web content. But when DNS goes down, websites go down. When that happens, the logical thing is to use phones and email to keep business running. However, that’s not possible, because downed DNS means no email, no phones (VoIP), and no remote employee login through virtual private network (VPN). It also disallows file transfer protocol for moving large datasets and various multi-factor authentication services (for example, email, Google®, and Microsoft®).
We explain further that the simple-looking acronym, DNS, belies the complexity of the system that is made up of a worldwide web of separate entities working in a relay of information exchanges. This complex nature exposes the DNS to multiple potential points of failure, as each point in the system could be vulnerable to attacks, such as a distributed denial of service (DDoS) attack, DNS hijacking, DNS cache poisoning, and domain shadowing, to name a few.
Since the failure of these digital assets can clearly lead to a significant impact in terms of lost revenue, data, and brand reputation, secure digital asset management is a boardroom discussion and should be included in your business continuity plan (BCP).
The Business Continuity Institute’s annual BCI Horizon Scan Report identifies the top 10 business continuity threats for the next 12 months, as reported by 569 global respondents. And perhaps surprisingly to some, digital assets play a contributing factor in five of these risks:
Boards are responsible for understanding risk. It’s clear from what I’ve outlined above that digital assets are at risk of poor management and the threat of third-party attacks.
If you’re unsure how robust your approach is to managing corporate digital assets, use the CSC Domain Security Checklist. It’s a free resource based on our defense in depth security approach that walks you through pertinent questions and identifies risks that may not have been considered.
For a more in-depth consultation, CSC Security CenterSM will analyze your portfolio and identify security blind spots to help you mitigate cyber threats.
If an incident occurs as it has done recently in the shape of COVID-19, the actions of the board and the organization’s BCP will be closely watched in the court of public opinion, the legal courts, and by lawmakers.
Sponsored byDNIB.com
Sponsored byRadix
Sponsored byCSC
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byIPv4.Global
Sponsored byVerisign