Navigating a post-COVID-19 world through a cybersecurity lens

Resources

IronNet Blog

Executive Commentary, Threat Research, and Analysis from the IronNet team.

Wait … was that a cyber head fake?

Navigating a post-COVID-19 world through a cybersecurity lens

From a cybersecurity perspective, so much has changed since the onslaught of COVID-19. We have always lived with the mission of finding new unknown threats, while anticipating the ones that we simply cannot see. It’s been a game of “catch-up” where success is measured mostly by reducing the time it takes to detect and respond to new attacks. Nonetheless, these are all planned steps that move organizations forward and happen over time at the discretion and strategies of individual organizations.  COVID-19 has changed this proactive approach.

As the coronavirus took a foothold in China and began its march across the globe, businesses and entire nations initiated shutdowns that have completely changed the way in which the globe functions. This shift is not promoting forward-motion but rather “survival mode” with an unknown timeline and uncertainty. The impact from a security perspective has been both sudden and massive as we take on additional risks of securing a global workforce that is remote and starting from scratch — at the same time

Déjà vu … I sense what’s brewing  

Most cybersecurity specialists will agree that the current situation feels like a reboot of the late 1990s when WiFi availability and speeds drove the need for laptops and, with it, the need to secure and train both the devices and the people using them concurrently. Today’s newfound reality is a step back for sure and, as far as I’m concerned, last November may as well be 10 years ago.

Having been in this business for more than 20 years, I have the unique benefit of witnessing the cybersecurity world from various evolving perspectives. Through this lens, the largest shifts to our profession do not come from hackers directly. Instead, they are prompted by world events in which attack groups (nations-states or otherwise) simply take advantage of the situation as vulturous opportunists with a motive and a nefarious mission.

Unfortunately, it’s not dramatic to ask, “What will COVID-19’s legacy be from a cybersecurity perspective?” Time will tell, but we can make some predictions now.

Catch us if you can …

As I write this piece, China is attempting a global “head-fake” by backtracking on the accountability of the coronavirus, in turn creating doubt regarding the timeline and accuracy of their own impact.  At first glance, this looks to be just another volley between China and the West. In reality, however, it is more likely that this is meant to make an internal statement to the Chinese people in an attempt to dispel fear and to prevent a groundswell of dissent. What we can learn from this is how the past leads us to where we are today, and maybe gives us a glimpse of what’s ahead.

A portion of the middle class known as the “Lucky Generation,” those born between the late 1970s and early 1990s, has enjoyed a level of wealth and freedom that was not available to those before them. In response to concerns about the economy, this middle class segment is seeking investments outside China.

China’s path to world dominance through their Belt and Road Initiative (BRI) has slowed significantly, causing China to rethink the priority of routes to countries with the ability to repay finance instruments that came largely from China’s private banks. It is ironic, therefore, that the spread of the virus did not follow the BRI routes so much as they followed the more popular destinations of the middle class, to France, Spain, Italy, and the United States. You could say the virus spread along this wealth route.

So what does this mean for innovation? 

To reference a favorite saying, “necessity is the mother of all invention,” I think we are in for a ton of it. Innovation, that is. Surely another outbreak is right around the corner, and we will see major efforts toward innovation in a variety of advancements. I believe this scenario will lead to new approaches to security, and ones that are adaptable to rapid changes in how governments and businesses perform their functions.  

What will the world look like a year or two down the road?  Will we trade in all those laptops, and have all of the workers return to physical locations? Will we ever see “open workspaces” again? I suspect what we will see are more innovative ways to design and provide for flexible workforce arrangements that will need to be trusted and secure. In any case, clearly the wheels of innovation are spinning as we speak, and I am curious to see what entails.  

Yes, November 2019 does seem so long ago and so much has changed except for one thing:  the notion that we can best defend our interests through collaboration. Here, it is true that “The more that things change, the more they stay the same.” Likely as we speak there are well-organized and funded adversaries that are steps ahead of our current abilities to detect and respond to developing threats. The bad actors of the world do not always operate autonomously, and entire underground economies have been established with support structures that mimic legitimate business — all in an effort to execute attacks on our interests.  They combine forces to achieve their goals. We need to do the same, through Collective Defense. See, for example, how the C5 Cyber Alliance to Defend our Healthcare has quickly set up collaborative response.

When I think back to earlier global situations, most of the efforts I was involved in related to ensuring we could securely communicate threats across departments and agencies. Taking that to the private sector was the creation of Information Sharing and Analysis Centers (ISACs) and the growth of Infragard. Collective Defense takes this community perspective and operationalizes it at a network level, at an analyst level, and at an interoperability level, thereby creating a force multiplier that significantly reduces the time to detect threats and allow participants to fight a fair fight. 

As we come out of the impacts of COVID-19, we should brace ourselves for a tidal wave of innovation followed closely by a potential onslaught of attacks and threats.  Let’s not go for the head fake. Defending in isolation simply will not work as we look to protect our future investments.