Many businesses across Corporate America are now starting to reopen their doors, to both clients and employees. But COVID-19 has taught CIOs and CISOs alike some especially important lessons regarding security. In this article, we recommend some of the steps that companies in the retail, healthcare, and financial sectors should take as they try to return to some sense of normalcy.
The Retail Sector
There is no doubt that the retail industry has been one of the hardest hit by Cyberattacks. So, what can be done to prevent future attacks? Here are some tips:
- Stop, as much as possible, the threat of Malware from entering your Point of Sale (POS) system. Keep in mind that most threat vectors stem from the POS. In fact, according to a recent study from IBM [1], 74% of the POS breaches impacted the retail industry.
- Fortify your POS systems:
  - Deploy some kind of antimalware/antivirus package onto each of your POS systems.
  - Continue testing your POS systems on a regular basis, to make sure they do not have any hidden vulnerabilities or weaknesses. A good Penetration Test should help you track down vulnerabilities in your systems.
  - If your business makes use of a mobile-based POS app, make sure that the network connectivity from it and any other communications channels are well-encrypted.
  - You should only work with a mobile payment provider that adheres to the highest levels of Cybersecurity, and one that will also provide you with the latest software patches and upgrades in a timely manner.
- Ensure that your network infrastructure is as “tight” as possible:
  - Make sure that all endpoints are secured with a good Threat Hunting tool.
  - Assign network permissions on an as-needed basis: give your employees just enough privileges to do their daily job tasks, and not more than that.
  - Cyberattackers love to tap into the backdoors of your online store and insert malicious payloads through such vulnerabilities. Therefore, you should implement some sort of change management configuration process so that you will be alerted in real time if any unauthorized changes have been made.
- Protect the domain of your online store. During the COVID-19 crisis, there was a great escalation in the hijacking and spoofing of legitimate domains (websites). Here are some tips to protect your valuable domain:
  - Blacklist any domains and/or IP addresses that are known to be malicious in nature.
  - Make sure your whitelists contain only domains and/or IP addresses that are internal to your company.
  - Keep your whitelist up to date. Any outdated entries should be transitioned over to the blacklist.
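As an added illustration (not code from the original article) of the change alerting the list calls for: a minimal file-integrity baseline for an online store's document root. The directory contents below are constructed inside a temporary folder; in practice the baseline is taken after each approved deployment, stored where the web server cannot write to it, and compared on a schedule so that any drift raises an alert.

```python
import hashlib
import tempfile
from pathlib import Path

def hash_tree(root):
    """Map every file under root (as a relative POSIX path) to its SHA-256 hex digest."""
    root = Path(root)
    digests = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        h = hashlib.sha256()
        with open(path, "rb") as f:
            for chunk in iter(lambda: f.read(65536), b""):
                h.update(chunk)
        digests[path.relative_to(root).as_posix()] = h.hexdigest()
    return digests

def diff_baseline(baseline, current):
    """Classify every path as added, removed or modified relative to the approved baseline."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(p for p in baseline.keys() & current.keys() if baseline[p] != current[p])
    return {"added": added, "removed": removed, "modified": modified}

def demo():
    """Constructed scenario: approve a web root, then simulate two unauthorized changes."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "checkout").mkdir()
        (root / "checkout" / "pay.php").write_text("<?php // approved checkout code\n")
        (root / "index.html").write_text("<h1>Store</h1>\n")
        baseline = hash_tree(root)  # would be saved outside the web root at deploy time
        # Simulated unauthorized changes: a script edited in place and a new file appearing.
        (root / "checkout" / "pay.php").write_text("<?php // approved checkout code\n// changed\n")
        (root / "uploads.php").write_text("<?php // file not in the approved deployment\n")
        return diff_baseline(baseline, hash_tree(root))
```

Any non-empty list returned by diff_baseline is the condition to alert on; a change ticket that matches the diff is the only acceptable explanation.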
The Healthcare Sector
Healthcare is the one sector that is perhaps the most closely watched in terms of monitoring and safeguarding the Personal Identifiable Information (PII) of patients. This high level of oversight is primarily driven by HIPAA. Here are some steps you can take to make sure those records remain protected, and that you do not face an audit and possibly pay penalties for non-compliance:
- Have a well-established Bring Your Own Device (BYOD) Policy: With the current trend of many healthcare workers offering their services virtually, the chances of a breach are much greater now that your employees may choose to use their own personal devices to conduct their daily job tasks. While it is always best to issue company-owned devices, this isn’t always feasible. Therefore, you need to establish clear policies when it comes to BYOD. The Electronic Medical Records Mandate gives you every right to audit your employees’ personal wireless devices, to make sure that the data is not being misused in any way.
- Make use of Password Manager software: Given the high sensitivity of patient data, it is particularly important that the passwords your employees use to access patient information be changed on a regular basis. True, setting up new passwords and making them both long and complex is not only time-consuming for your healthcare workers; it can also make a huge dent in your bottom line. Therefore, you should seriously consider making use of a Password Manager. This is simply a software-based application that securely stores your passwords and can create those long and complex passwords so that your employees don’t have to remember them. Best of all, it can create new passwords on its own, at a pre-established time interval that you determine.
- Protect the physical access to the Electronic Health Records: It is important to keep in mind that the EHRs do not only reside on the wireless devices of your healthcare workers. EHRs also reside on the corporate servers of your organization. Therefore, you should limit the access your employees have to your server or data center. That is why you should use a combination of security tools such as smart cards, key fobs, and even physical identification procedures as well.
The Financial Sector
The financial sector is also prone to Cyberattacks. As with healthcare organizations, entities in the financial industry also use and store the PII of clients. However, since these kinds of datasets are broader in nature, financial organizations come under the careful scrutiny of the data privacy laws of both the GDPR and the CCPA. Here are some top Cybersecurity tips for the financial sector:
- Always monitor your network infrastructure on a real-time basis. True, just about every financial institution is using some combination of firewalls, routers, and network intrusion devices to beef up their lines of defense. The problem with this is that each of these devices will generate its own individual log files to report any anomalous or suspicious behavior in the flow of network traffic. Because of this, the IT Security team will very often be inundated with false positives, greatly increasing the odds that real alerts and warnings will go unnoticed. In this regard, you should make use of what is known as a Security Information and Event Management tool, also known as a SIEM. Coupled with the use of Artificial Intelligence technology, this software package can collect all of these log files, filter out the false positives, and present only the legitimate warnings and alerts in one central, unified view for quick and efficient triaging.
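To make the SIEM idea above concrete, here is an added example (not from the original article, and not any vendor's product) of the three steps a SIEM performs: normalize log lines from differently formatted devices into one schema, suppress noise and collapse repeats, and correlate across sources so a single unified, ranked view remains. The three log formats and the sample lines are constructed for this illustration.

```python
import re

# Constructed sample lines in three hypothetical device formats (firewall, router ACL, IDS).
SAMPLE_LOGS = [
    "fw1 2024-06-01T09:00:01Z DENY src=203.0.113.5 dst=10.0.0.7 dport=445",
    "fw1 2024-06-01T09:00:02Z DENY src=203.0.113.5 dst=10.0.0.7 dport=445",
    "rtr1 2024-06-01T09:00:05Z ACL 101 denied tcp 203.0.113.5(1234) -> 10.0.0.9(22)",
    "ids1 2024-06-01T09:00:09Z IDS sig=ET-SCAN-3306 pri=2 203.0.113.5 -> 10.0.0.7:3306",
    "fw1 2024-06-01T09:01:00Z ALLOW src=10.0.0.20 dst=198.51.100.4 dport=443",
    "fw1 2024-06-01T09:02:00Z DENY src=198.51.100.77 dst=10.0.0.7 dport=3389",
]
# One regex per source format; all map onto the same normalized field names.
FORMATS = {
    "firewall": re.compile(r"^\S+ (?P<ts>\S+) (?P<action>DENY|ALLOW) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)$"),
    "router": re.compile(r"^\S+ (?P<ts>\S+) ACL \d+ denied \w+ (?P<src>[\d.]+)\(\d+\) -> (?P<dst>[\d.]+)\((?P<dport>\d+)\)$"),
    "ids": re.compile(r"^\S+ (?P<ts>\S+) IDS sig=\S+ pri=(?P<pri>\d) (?P<src>[\d.]+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$"),
}

def normalize(line):
    """Return a unified event dict, or None for a line no parser understands."""
    for kind, rx in FORMATS.items():
        if m := rx.match(line):
            d = m.groupdict()
            if kind == "firewall":
                sev = 0 if d["action"] == "ALLOW" else 1   # permitted traffic is not an alert
            elif kind == "router":
                sev = 1
            else:
                sev = 4 - int(d["pri"])                    # IDS priority 1 (highest) -> severity 3
            return {"ts": d["ts"], "kind": kind, "src": d["src"], "dst": d["dst"],
                    "dport": int(d["dport"]), "sev": sev}
    return None

def triage(lines):
    """Drop noise, collapse repeats, correlate across devices, and rank alerts by severity."""
    merged = {}
    for e in filter(None, map(normalize, lines)):
        if e["sev"] == 0:
            continue                                        # filtered out as a false positive
        key = (e["kind"], e["src"], e["dst"], e["dport"])
        merged.setdefault(key, dict(e, count=0))["count"] += 1
    kinds_by_src = {}
    for e in merged.values():
        kinds_by_src.setdefault(e["src"], set()).add(e["kind"])
    for e in merged.values():
        # A source reported by two or more device types is corroborated: escalate it.
        e["corroborated"] = len(kinds_by_src[e["src"]]) > 1
        e["sev"] += int(e["corroborated"])
    return sorted(merged.values(), key=lambda e: (-e["sev"], e["ts"]))
```

The returned list is the "single pane" the paragraph describes: the corroborated source rises to the top with its repeat count attached, while the permitted connection never reaches the analyst.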
- Always vet your third party vendors: According to a recent study from the Ponemon Institute [2], financial companies shared the PII of their customers with an average of 583 third party vendors, and 59% of those vendors experienced a security breach. Even worse, only 16% of those financial companies kept track of their third-party vendors or took any proactive measures to protect the PII datasets.
Given the digital nature of the financial markets and the trading activities that arise from it, it’s absolutely crucial that you carefully scrutinize any third party vendor you are considering hiring to help in the processing of any financial information and/or data. You must make sure that they have the same kinds of security policies you have, and, equally important, that they are compliant with the GDPR and CCPA statutes. Remember, if your third-party vendor experiences a security breach and it impacts the PII records of your customers, the vendor will not be held responsible; YOU will be.
- Heavily restrict the downloading of mobile apps. Many workers in the financial industry now also conduct their job tasks straight from their smartphone, or any other type of wireless device. Whether they use company-issued electronics or their own devices, you must ensure that you carefully monitor the kinds of mobile apps your employees download. The primary reason for this is that Cyberattackers are constantly finding new ways of entering mobile apps and deploying their malware payloads that way. Probably the best line of defense against this is to establish a whitelist of approved mobile apps that can be downloaded. Also, if you are considering adding to that list, then it is imperative that you test any new mobile app in a sandbox environment before it is included on your approved apps whitelist.
Overall, this article has examined some of the top Cybersecurity tips for the retail, healthcare, and financial industries. Implementing these tips will help to beef up your digital security, but this is by no means an exhaustive list. The other tools that you consider using will depend heavily upon your own unique security requirements.
Ravi Das is a Cybersecurity Consultant and Business Development Specialist. He also does Cybersecurity Consulting through his private practice, RaviDas Tech, Inc. He also possesses the Certified in Cybersecurity (CC) cert from the ISC2.