Cyber Citadel

Remote Working Habits in the New Covid-19 Environment

How the rapid shift to remote work has expanded the cyber attack surface and what businesses can do to protect themselves.

Covid-19 has rapidly changed the business landscape and forced many companies to adapt quickly or face administration. For many, this has meant a sudden shift to e-commerce and the need to manage remote workforces, both of which present increased cyber vulnerability.

Hackers have been quick to exploit the new reality, specifically targeting companies with remote workers who are now accessing corporate systems from home networks that lack enterprise-grade security. Applications that were previously only accessible from within the corporate network are now being exposed to the public internet, dramatically increasing the attack surface.

The consequences of inadequate remote security have already been demonstrated. Toll Group, one of Australia's largest logistics operators, was hit by ransomware not once but twice during the pandemic period, illustrating how threat actors are capitalising on the disruption and distraction caused by Covid-19 to launch devastating attacks.

The Essential 8 Framework

The Australian government has published a set of recommendations known as the Essential 8 framework, designed to help organisations protect themselves against the most common cyber threats. These strategies provide a practical baseline for security that every business should consider implementing, particularly in the current remote working environment.

Multi-factor authentication (MFA) is one of the most effective and easily implemented measures in the Essential 8. MFA requires users to provide two or more verification factors to gain access to a system, making it significantly harder for attackers to compromise accounts even if they have obtained a password. For organisations using Office 365, MFA can be activated with minimal effort and provides an immediate uplift in security posture.

Data backup is another critical component. Organisations should maintain multiple copies of their data across different media, with at least one copy stored off-network where it cannot be reached by ransomware or other malware. The importance of this measure cannot be overstated — without reliable, isolated backups, a ransomware attack can be truly catastrophic.

Reducing Dwell Time

One of the most dangerous aspects of modern cyberattacks is the length of time an attacker can remain undetected inside a network. This period, known as dwell time, represents the window during which threat actors can map systems, escalate privileges, exfiltrate data and prepare for a devastating final attack.

Reducing dwell time requires a shift from one-off security assessments to continuous monitoring. Point-in-time assessments, while valuable, only provide a snapshot of an organisation's security posture at a single moment. The threat landscape changes daily, and attackers do not wait for the next scheduled assessment before launching their campaigns.

Dedicated third-party security teams bring specialised expertise and around-the-clock vigilance that most organisations cannot maintain internally. These teams are trained to identify the subtle indicators of compromise that automated tools may miss, and they are not subject to the alert fatigue that commonly affects internal IT teams who are responsible for both security and day-to-day operations.

Managed Detection and Response

Cyber Citadel's Managed Detection and Response (MDR) service provides the continuous, real-time monitoring that organisations need to identify and neutralise threats before they cause damage. The MDR service operates 24 hours a day, 7 days a week, providing constant surveillance of an organisation's network, endpoints and cloud infrastructure.

Understanding that different organisations have different needs and budgets, Cyber Citadel offers financially flexible plans that scale with the size and complexity of the environment being protected. This approach ensures that robust cyber security is accessible to businesses of all sizes, not just large enterprises with dedicated security budgets.

Continuous real-time monitoring is the future of cyber security. As threats become more sophisticated and the attack surface continues to expand with remote work, cloud adoption and digital transformation, the ability to detect and respond to threats in real time is no longer a luxury — it is a necessity.

Published in Across Borders magazine — Spring 2020, p.36.