“It’s been really surprising, just the degree of inhumanity in some of these bad guys.”
Kris McConkey works for the leading professional services firm PwC, where he acts as the Cyber Threat Operations Lead Partner for their clients in the United Kingdom.
McConkey and his teams work directly with PwC’s clients, with an emphasis on threat intelligence, and incident response to high-sophistication threats.
When the pandemic struck, and organizations shifted to a primarily Work From Home (WFH) arrangement, McConkey witnessed numerous changes in the security landscape—from both attackers and defenders.
Here’s what McConkey experienced and learned during the pandemic.
Primary changes in the cybersecurity landscape due to COVID-19 and WFH
McConkey watched his clients transform their risk posture when they transitioned to WFH. Many organizations dissolved their perimeters and lost the security controls they relied upon to protect themselves.
At the same time, their internal IT teams became overwhelmed by the tasks required to spin up and manage their new technology environments. They no longer had the time to handle even small security incidents, and began to ask McConkey and his teams to shoulder more of the burden of their defense.
This created a perfect storm of vulnerabilities. Attackers have taken advantage of them, and launched waves of large-scale ransomware attacks that have resulted in many seven and eight figure losses.
McConkey’s advice: Be prepared
McConkey believes that organizations must better prepare themselves for any attack that might strike. He recommends they:
- Create a strong negotiating position against ransomware attackers, by developing the ability to kick them out—and keep them out.
- Make response plans for a breach—and stress test them—to bounce back quickly during a breach.
- Focus on building the fundamentals— strong visibility and control over assets in your endpoint environment.
To dive deeper into McConkey’s story, and to learn more about what happened when the world stayed home, visit world-at-home.tanium.com.