The number of cyberattacks has increased five-fold after COVID-19, as the pandemic brought new opportunities to cybercriminals. At this rate, cybersecurity threats are estimated to cost the world US $6 trillion a year by 2021. Since remote working became “the new normal”, it also became a growing gateway to new forms of data theft and as a result, companies face a significantly increased risk of cyber-attacks and data breaches.
With the ever-increasing security risk, companies now need to prioritize preventive measures for potential data loss. One of the excellent use cases of the Next Generation SIEMs is securing corporate data from cyber risks related to remote working. As the pandemic is not nearly over, to help you stay protected, we put together an ebook on how SIEMs can be used for Work From Home security, reviewing the main security aspects of remote work:
Preventing Phishing Attacks
A recent security research survey has disclosed that 37% of employees working from home, have faced an increased risk of phishing attacks in the past 5 months post-outbreak. This makes phishing attacks one of the most widely spread security risks in 2020.
To decrease the risk of data leaks, SIEMs support security teams in charge of phishing attacks by utilizing security tools such as real-time monitoring, AI-based threat detection, and data insight visualization.
Password Alerts: Why Are They Important
Just like phishing attacks, brute-force attacks have skyrocketed in 2020. There was an over 400% increase in brute force attacks in March and April 2020 alone. That’s why security teams should pay special attention to brute-force attempts and set up rule-based alerts notifying them when a certain number of fail password attempts have been reached. SIEM systems can be a handy tool for addressing this issue in a timely manner.
Videoconferencing tools such as MS Teams, Zoom, Webex, became part of many employees’ daily routine. However, these tools raised new security concerns. As employees connect in a remote work setting, privacy and security measures taken are far from perfect. Zoom alone suffered dual security and privacy crises these months. Logs of these third-party tools should be therefore tracked and analyzed, so security threats can be detected, and a SIEM can be the right system for the job.
Protecting VPN Logs
VPN is the general best practice for employees working from home. However, VPNs can be the back door for malicious actors, essentially opening up the entire network to the internet. We previously reviewed how to protect VPN logs in time of the pandemic, and how to detect VPN anomalies. In this e-book, we dug deeper into how NextGen SIEMs automate a major part of the work needed to protect VPN logs.
Given how quickly most organizations found themselves moving to remote work, it makes sense that most of the security teams would not have had time to perform basic endpoint hygiene and connectivity performance checks on corporate machines. Further complicating the matter are employees working on personal devices. In this e-book, we reviewed how organizations can use SIEMs to quickly respond to the work-from-home reality and be able to efficiently monitor endpoints.
Download the SIEM for Work From Home Security free and learn how to use your SIEM addressing these five security concerns:
Denitsa Stefanova is a Senior IT Business Analyst with solid experience in Marketing and Data Analytics. She is involved in IT projects related to marketing and data analytics software improvements, as well as the development of effective methods for fraud and data breach prevention. Denitsa supports her IT-related experience by applying her skills into her everyday duties, including IT and quality auditing, detecting IT vulnerabilities, and GDPR-related gaps.