How Can Pen Testing Tools Mitigate Risks Post COVID-19?

The COVID-19 pandemic has forced rapid change on CISOs, and many of them are now working to assess and mitigate the cyber risks created by the outbreak. The fundamental cybersecurity problem has extended into home networks full of insecure IP-connected devices, and attackers are exploiting that situation with online scams, rogue websites and phishing lures that play on COVID-19 anxiety. Remote working, or work from home (WFH), has expanded the attack surface and opened new paths for attackers into corporate networks. CISOs are struggling to find out what is actually on that extended network and whether they are vulnerable to the growing wave of COVID-19-themed attacks.

CISOs are also asking what can be done about it. As with the pandemic itself, one answer is testing. Just as testing identifies the virus and antibodies, the security weaknesses of remote working can be assessed with continuous automated penetration attack testing (CAPAT) tools. An organization typically gets access to these tools when it hires a pen testing company to assess its security controls.

These tools are delivered as SaaS (software-as-a-service), so no on-site hardware or software has to be installed and operated. CAPAT tools were not designed specifically for remote working, but they can help CISOs address the current COVID-19 challenges in the following four ways:

Mapping the Attack Surface:

Most cybersecurity teams do not know what is on the extended network, whether it is old, unpatched PCs, gaming consoles or compromised video cameras. Discovering what is out there, the way an experienced red team would, surfaces assets that the team did not know about but is still responsible for. Some CAPAT tools address this gap by discovering and mapping the attack surface, which is the right starting point for risk assessment and mitigation: you cannot protect, or even prioritize, a host you do not know exists.
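The following script shows the core of that mapping step: compare what discovery actually found against the asset inventory the security team believes it owns, and flag unknown hosts, unapproved services on known hosts, and services that should not be reachable at all. It is an added example, not code from the original post or from any CAPAT product. The scan output format, the inventory and the list of risky services are constructed for illustration and do not correspond to any specific scanner or policy.

```python
"""Attack-surface mapping: diff discovered hosts/services against the inventory.

Added example (not from the original post or any CAPAT product). The scan
output, inventory and risky-service policy below are constructed."""

from collections import defaultdict

# Constructed discovery output in a simple "host port/proto service" shape
# (an assumed format, not the output of any particular scanner).
SCAN_OUTPUT = """\
10.8.0.12 22/tcp ssh
10.8.0.12 443/tcp https
10.8.0.31 3389/tcp rdp
10.8.0.31 445/tcp smb
10.8.0.77 80/tcp http
10.8.0.77 554/tcp rtsp
10.8.0.90 23/tcp telnet
"""

# Constructed inventory: hosts the team knows about and the services each one
# is approved to expose. Anything outside this is a blind spot.
INVENTORY = {
    "10.8.0.12": {"ssh", "https"},
    "10.8.0.31": {"rdp"},
}

# Assumed policy for this example: services that should never be reachable
# from a remote-worker segment, whoever owns the host.
RISKY_SERVICES = {"telnet", "smb", "rtsp", "rdp"}


def parse_scan(text):
    """Return {host: {service, ...}} from the constructed scan format."""
    found = defaultdict(set)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _port_proto, service = line.split()
        found[host].add(service)
    return dict(found)


def map_attack_surface(scan_text, inventory, risky=RISKY_SERVICES):
    """Classify discovery results against the inventory.

    Returns a dict with:
      unknown_hosts   - hosts discovery found that the inventory lacks
      unexpected      - {host: [services]} exposed on known hosts but not approved
      risky_exposures - [(host, service)] for services on the risky list
      missing_hosts   - inventoried hosts discovery did not see at all
    """
    found = parse_scan(scan_text)
    unknown_hosts = sorted(h for h in found if h not in inventory)
    unexpected = {}
    for host, services in found.items():
        if host in inventory:
            extra = services - inventory[host]
            if extra:
                unexpected[host] = sorted(extra)
    risky_exposures = sorted(
        (h, s) for h, services in found.items() for s in services if s in risky
    )
    missing_hosts = sorted(h for h in inventory if h not in found)
    return {
        "unknown_hosts": unknown_hosts,
        "unexpected": unexpected,
        "risky_exposures": risky_exposures,
        "missing_hosts": missing_hosts,
    }


if __name__ == "__main__":
    for key, value in map_attack_surface(SCAN_OUTPUT, INVENTORY).items():
        print(f"{key}: {value}")
```

On the constructed input this reports two hosts nobody inventoried (the camera-like host exposing RTSP and the telnet device), SMB exposed on a known host that was only approved for RDP, and four risky exposures in total. In practice the inventory would come from the CMDB and the scan from whatever discovery the CAPAT tool performs, and the `missing_hosts` list is worth watching too: a host the inventory lists but discovery cannot see is either decommissioned or sitting on a segment the tool is not scanning.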

Testing Security Controls:

Organizations spend millions of dollars on endpoint security software, firewalls and a range of other security controls between those endpoints. The underlying question remains: do these controls actually work? It is a basic question, but one worth answering. Many cybersecurity professionals report that one consequence of the global skills shortage is that their organization never fully learns or tunes the security technologies it has bought. Overworked staff make mistakes, and the result is misconfigured controls on the network. CAPAT tools help CISOs assess whether these defensive controls work, and, just as importantly, whether anyone would notice if they failed.

Identifying Potential Cyber Risks:

With an attack-surface map and CAPAT reports in hand, CISOs can identify likely vulnerabilities and address specific weaknesses with the right training, processes and measures. A manual penetration test from a pen testing company already does this, but those are expensive third-party engagements performed once or twice a year. CAPAT tools automate much of that work and turn the annual engagement into a continuous cycle of risk assessment and mitigation.

Supporting the Existing Security Programs and Technologies:
CAPAT tools emulate adversaries by chaining individual actions into kill chains that play out over time. Their automated tactics, techniques and tooling can be mapped to established security frameworks, which aligns the security program and its tools with an outside-in, attacker's-eye view. CAPAT tools can also be combined with security orchestration, automation and response (SOAR) tools so that a confirmed gap triggers a playbook rather than a ticket that waits. And because CAPAT runs expose system configuration weaknesses, those weaknesses can be reproduced in deception technologies that lure attackers and capture valuable threat intelligence.
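Both the "Testing Security Controls" section and the framework mapping above come down to one check: for each emulated technique, did the control stop it, and did the SOC get an alert either way? The script below runs that check over a constructed set of emulation results and constructed SIEM alert lines, separating techniques that were detected from those that were blocked silently (prevention worked, but nobody would know when it stops working) and those that were neither blocked nor alerted. It is an added example, not code from the original post or from any CAPAT or SOAR product. It assumes MITRE ATT&CK technique IDs as the framework mapping, which the post itself does not name; the technique list, hostnames, rule names and alert lines are all constructed.

```python
"""Control validation: did each emulated technique produce the telemetry its
control is supposed to generate?

Added example (not from the original post or any CAPAT/SOAR product). ATT&CK
technique IDs are an assumed framework mapping; emulation results, hostnames,
rule names and alert lines are constructed."""

import json
from dataclasses import dataclass


@dataclass(frozen=True)
class Emulation:
    technique: str      # ATT&CK technique ID (assumed framework)
    name: str
    host: str
    blocked: bool       # did the preventive control stop the action?
    expected_rule: str  # alert rule that should fire, per the control's design


# Constructed results of one automated CAPAT run.
EMULATIONS = [
    Emulation("T1059.001", "PowerShell download cradle", "wks-017", False, "ps_encoded_cmd"),
    Emulation("T1003.001", "LSASS memory access", "wks-017", True, "edr_credential_dump"),
    Emulation("T1021.001", "RDP lateral movement", "srv-db-02", False, "rdp_new_source"),
    Emulation("T1110", "Password spray against VPN", "vpn-gw", True, "vpn_auth_failures"),
    Emulation("T1566.001", "Spearphishing attachment", "wks-022", False, "mail_macro_attach"),
]

# Constructed SIEM alerts as JSON lines, the shape a SOAR playbook would consume.
ALERT_LOG = """\
{"rule": "ps_encoded_cmd", "host": "wks-017", "severity": "high"}
{"rule": "vpn_auth_failures", "host": "vpn-gw", "severity": "medium"}
{"rule": "ps_encoded_cmd", "host": "wks-099", "severity": "high"}
"""


def parse_alerts(text):
    """Return the set of (rule, host) pairs that actually fired."""
    fired = set()
    for line in text.splitlines():
        if line.strip():
            alert = json.loads(line)
            fired.add((alert["rule"], alert["host"]))
    return fired


def validate_controls(emulations, alert_text):
    """Classify each emulated technique by what the defenses did.

    detected       - the expected alert fired for this host; the SOC knows
    blocked_silent - prevention worked but no alert fired; nobody would know
                     if that control stopped working
    undetected     - neither blocked nor alerted; an open gap
    """
    fired = parse_alerts(alert_text)
    outcome = {"detected": [], "blocked_silent": [], "undetected": []}
    for e in emulations:
        if (e.expected_rule, e.host) in fired:
            outcome["detected"].append(e.technique)
        elif e.blocked:
            outcome["blocked_silent"].append(e.technique)
        else:
            outcome["undetected"].append(e.technique)
    return outcome


def coverage_score(outcome):
    """Fraction of emulated techniques the SOC would actually see."""
    total = sum(len(v) for v in outcome.values())
    return len(outcome["detected"]) / total if total else 0.0


if __name__ == "__main__":
    result = validate_controls(EMULATIONS, ALERT_LOG)
    for bucket, techniques in result.items():
        print(f"{bucket}: {techniques}")
    print(f"visible coverage: {coverage_score(result):.0%}")
```

The matching is deliberately on (rule, host) rather than rule alone: the stray `ps_encoded_cmd` alert from `wks-099` must not count as detection of the emulation on `wks-017`. The `blocked_silent` bucket is the one the post's "would they know if it failed" question is about, and it is the natural input for a SOAR playbook or a deception decoy, since it names a control that works today with no telemetry to tell you when it stops.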

Conclusion

To be clear, CAPAT tools are not a permanent solution, but they can expose the blind spots of remote working by increasing attack-surface visibility; as the old management principle says, you cannot manage what you cannot measure. They also help security professionals think like the attacker, another fundamental part of any cybersecurity strategy. Finally, CAPAT tools bring pen testing and red teaming within reach of businesses that cannot hire and retain experienced staff in these areas, and CISOs should be able to find affordable SaaS options. That is why it matters that a pen testing company deploys the right tools to mitigate the risks that COVID-19 has created.

Published by kualitatemcom

We are a reliable software development and pen testing company.