COVID-19 and Security

#WFH, SaaS-y migrations and more


  • 3,871,825 cases and 109,335 deaths in the UK
  • 10,021,471 (first dose) vaccinations


  • Started a new job
  • Interviewed at home
  • Code test at home
  • Onboarded at home
  • Started at home
  • Still at home

## Beyond the Edge

* Outside of corporate environment
* Difficult to protect beyond the edge network
* Heterogeneous devices
* Difficult to monitor users and their devices
* 60% of data stored on employee endpoints

### The Good

* Cheaper to have people outside the office
* Decentralises physical security - good and bad?
* Easier to concentrate?

### The Bad

* Wider attack surface
* Almost no control over physical security
* Insecure Wi-Fi, use of public networks
* Personal use of corporate devices

### The Solution

* Better training, focus on security
* FixHorseErrorsBetterSecurity
* Privacy concerns around employee monitoring
* Better to focus on network traffic
* Use a Corporate VPN

Note:

Should be no such thing as a security guy

Malwarebytes: Organisation survey - 18% cybersecurity not a priority, 5% went further -- admitting their staff were 'oblivious' to best security practices.

Volunteering with charity story

## Head In The Clouds

The great migration to SaaS platforms

### The Good

* Easier to deploy and scale than on-prem
* More economically and environmentally sustainable
* Services rapidly evolving and are updated automatically?

### The Bad

* Limited visibility of assets
* Overprovisioning of access permissions
* Lack of auditing
* Need to consider: provider's security controls, where data is held, what they can do with it
* "Zoom Bombing", Microsoft 365 Supply-Chain Attacks

Note:

Zero-trust cloud? End-to-end encryption

Mimecast Certificate Hacked in Microsoft Email Supply-Chain Attack

"These products would access customers' Microsoft 365 Exchange servers in order for them to provide security services (backup, spam and phishing protection). Since these certificates were legit, an adversary would have been able to connect without raising suspicions to eavesdrop and exfiltrate email communications"

### The Ugly

* Poorly implemented APIs (e.g. Microsoft privileges)
* Crimeware as a service (e.g. Emotet)
* On average, 2.8 cloud security incidents
  * Phishing attacks (40%)
  * Ransomware et al. (24%)
  * Accidental Data Leakage (17%)
  * Account Compromise (16%)
* Difficult to track down issues
* Don’t assume anything

### Misinformation

* Phishing - personal and professional (e.g. Lancaster)
* Anti-mask, Anti-vax, Anti-COVID?!
* "Voter Fraud", Lockdown Protests

Note:

Protests (many violent): South Africa, Brazil, India, Kosovo, Malawi

Lockdown: Yellow Vests Movement in Paris

Myanmar (Burma): The armed forces had backed the opposition, who were demanding a rerun of the vote, claiming widespread fraud

Phishing is the easiest vector

### The Solution

* Monitoring private messaging - can/should we introduce a backdoor?
* Using artificial intelligence (e.g. Re:scam)
* Discussions to have
  * Platform or Publisher?
  * Censorship or Sensible?

Looking Ahead

  • Artificial Intelligence (Darktrace, CrowdStrike)
  • Attacks on Industrial Control Systems
  • Cyber Warfare (e.g. Stuxnet) and Nation State Attacks
  • Widening influence of China and Russia

Your Career

  • Cyber is not suffering - over half of businesses have staff shortages [in security] continue to put their organisation at risk"
  • Cyber is so much wider than you may think
  • No such thing as “the” cybersecurity qualification!
  • Do your research! I personally enjoy: Darknet Diaries, Dark Reading, Krebs on Security, Reddit, Hacker News, NCSC and Whitepapers and Reports
  • You have plenty of time!
## WCIT

* 100th livery company of the City of London
* Four pillars of activity
  * Charity
  * Education
  * Industry and Commerce
  * Fellowship
* Fantastic opportunity to meet people from all over who work in the IT industry

### Journeyman Scheme

* Get involved with the company early
* Work with a mentor for 3+ years
* Get involved in our charitable efforts
* Dress up fancy and go to dinners!

Any questions?

You can get in touch with me here.