Cybernews
  • News
  • Editorial
  • Security
  • Privacy
    • What is a VPN?
    • What is malware?
    • How safe are password managers?
    • Are VPNs legal?
    • More resources
    • Strong password generator
    • Personal data leak checker
    • Antivirus software
    • Best VPN services
    • Password managers
    • Secure email providers
    • Best website builders
    • Best web hosting services
  • Follow
    • Twitter
    • Facebook
    • YouTube
    • Linkedin
    • Flipboard
    • Newsletter

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

Our readers help us create quality content. If you purchase via links on our site, we may receive affiliate commissions. Learn more

Home » Security » Making sure your trade secrets are safe in our new, distributed normal

Making sure your trade secrets are safe in our new, distributed normal

by Adi Gaskell
19 November 2020
in Security
0
Top Secret typed on paper

© Shutterstock

21
SHARES

The widespread transition to remote working during the Covid-19 pandemic has been well documented, as has the change this situation forces upon us in terms of our cybersecurity. Physical meetings have moved online, with this decentralization resulting in an acceptance of cloud-based technologies that is unprecedented. Indeed, many organizations are actively exploring how to migrate many of their physical operations online.

For tech-savvy companies, this transition has been pretty straightforward, if indeed it hadn’t already happened prior to the pandemic. More traditional companies have been somewhat slower, however, and the extreme time pressures placed upon people has caused information security to take a back seat. And the threats aren’t merely restricted to customer data.

Corporate and even national espionage is increasingly common in a time in which so many of our key pieces of intellectual property are held online.

Canadian telecoms company Nortel is a prime example of a company that suffered enormously from their IP being hacked, and earlier this year Russia was trumpeting a vaccine for Covid-19 that is widely believed to have been acquired after hacking western labs.

Protecting trade secrets

The shift to remote work has made the protection of these vital trade secrets that much harder to achieve. The pace of this transition has forced many organizations to cut corners to ensure business continuity, with cybersecurity among the first things to be cut. For instance, a paucity of work laptops meant a widespread implementation of ‘bring your own device’ policies that allowed employees to use their own computers via remote access software.

Sensing an opportunity, the pandemic has seen a significant increase in operations by hackers. For instance, American law enforcement agencies recently uncovered an extensive attack masterminded by a Russian hacker group on employees from dozens of major Fortune 500 companies, all of whom were working from home. The attack was delivered via malware that was deposited on popular websites.

The vulnerability was triggered when the computers were part of either government or corporate networks.

This kind of vulnerability has a number of origins. For instance, the distributed storage and creation of information presents an attractive target for hackers, especially as their rapid installation has often resulted in faulty configuration that leaves the door half-open. In such a circumstance, it’s often less a case of if an attack will happen as when it will. Indeed, it’s not uncommon for an unsecured device to be attacked within a few minutes, with massive undirected automatic attacks capable of targeting every digital device that isn’t securely patched.

Even the most advanced systems are no guarantee of safety, however, as poor configuration can often be the consequence of a hasty installation. It’s important to remember that security is only as strong as its weakest point, so even the most basic aspects must be taken care of.

Secure your employees

Another often overlooked aspect of the best cybersecurity is the workforce. Social engineering is such a potent means of cyberattack that Kevin Mitnick made his name from it. The stress associated with the pandemic has been well documented, with employees having to get to grips with new ways of working, often whilst adapting to new home circumstances, and grappling with the health and economic risks of the virus itself. 

When we’re stressed, we tend to make poor decisions, which can leave us vulnerable to attack.

Throw in the inevitable distractions that working from home is likely to present, and it’s an environment that is extremely vulnerable. This could be a malware attack or even something as seemingly innocent as a family member using a device to search the internet. If detected early, these attacks can be limited, but the very nature of trojan horse attacks is that they can remain undetected until it’s far too late.

So what can you do to ensure you, your workforce, and your intellectual property are kept safe and secure? While not intended to be an exhaustive list, the following are some good steps you can take:

  1. Identify what is truly important – A crucial first step is to have a strong idea of just what the most important pieces of IP are to your organization. This could be source code, chemical formulas, or even key customer records. Ask yourself the honest question of what harm would it do to your business if this information fell into the wrong hands? This will help you to identify the information that is truly worth protecting as much as you can and distinguish it from the vast majority of other information your organization will have.
  2. Limit access on a need to know basis – Hopefully, your culture is such that you treat all information respectfully, but the key IP for your business should only be distributed if verifiably required. This is common practice in industries such as the military, and is a good habit for you to get into during the pandemic (and beyond). You may experience some kickback on this, as it runs counter to the openness that is increasingly common, but these are unusual times that require unusual measures.
  3. Track information usage – The next stage is to develop robust systems to accurately track and monitor information usage and access. The most secure approach is to implement strict access rights to this vital information, and track who accesses it, and when. There are a growing number of vendors that seek to automate these processes to make it easier for companies to maintain security.

Corporate espionage is not a new thing, and organizations have long had to ensure their key intellectual property is safe from prying eyes. As with so much, the pandemic has exacerbated these concerns and made it doubly important that organizations get their house in order.

Share21TweetShareShare
Next Post
IRC botnet infiltration

We infiltrated an IRC botnet. Here’s what we found

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's choice

One of the biggest Android VPNs hacked? Data of 21 million users from 3 Android VPNs put for sale online
Security

One of the biggest Android VPNs hacked? Data of 21 million users from 3 Android VPNs put for sale online

by CyberNews Team
26 February 2021
4

A user on a popular hacker forum is selling three databases that purportedly contain user credentials and device data stolen...

Read more
A blast from the past: the finest retro PCs people use

A blast from the past: the finest retro PCs people use

26 February 2021
How this IMDb flaw gave me credit for working on Chernobyl, GOT, and other gigs

How this IMDb flaw gave me credit for working on Chernobyl, GOT, and other gigs

25 February 2021
Forget Bruce Willis. AI will protect us from killer asteroids instead

Forget Bruce Willis. AI will protect us from killer asteroids instead

24 February 2021
COMb data leak - Mother of all breaches

COMB: largest breach of all time leaked online with 3.2 billion records

12 February 2021
  • Categories
    • News
    • Editorial
    • Security
    • Privacy
  • Reviews
    • Antivirus Software
    • Password Managers
    • Best VPN Services
    • Secure Email Providers
    • Website Builders
    • Best web hosting services
  • Tools
    • Password generator
    • Personal data leak checker
  • Engage
    • About Us
    • Send Us a Tip
    • Careers
  • Twitter
  • Facebook
  • YouTube
  • Linkedin
  • Flipboard
  • Newsletter
  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • About Us
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!