Faud Khan is the founder/MD and the Chief Security Analyst for TwelveDot and TwelveDot Labs based in Canada. Faud has done a lot of work with network equipment manufacturers, managed security service providers, financial service and government agencies.
He has five patents to his name, and he has nine awaiting approval. He’s also an editor for several standards related to ISMS, Cloud Computing, Vulnerability Disclosure, Smart Grid and IOT. He has done quite a lot of work over the past 25 years as an IT professional particularly in the cyber security space.
He spoke on cyber security during CIO Africa Leadership Series webinar hosted recently by CIO MasterClass Africa for Chief Information Officers (CIO) particularly in Africa under the theme – COVID – 19: “The CIO’s Leadership Moment” – Prospects, Challenges and its implication for the African Continent – with the general direction on “leadership, strategy and operational level”, looking at CIOs role in normal times vis – a – viz the new normal defined by COVID – 19.
The Convener, CIO MasterClass Africa; Engr. Ifeanyi Frank Ogochukwu, a former CIO of Nigerian Airspace Management Agency and the Chief Technology Strategist for Debbie Mishael Consulting – an African premier consulting, implementation and training firm moderated this webinar.
Therefore, in this concluding part of TechEconomy.ng publication (series) we are focusing on cybersecurity where Faud is an expert in the field:
What are the cyber security related issues with regards Covid-19 Pandemic? What should organisations put in place to stay ahead of the attackers, especially in protecting staff who now work from home and even protect their networks during virtual meetings and other sundry issues?
“I think one, Covid-19 is the big eye opener to individuals, organisations and the government. I mean, when this happened, some companies weren’t prepared with regards to governance infrastructure or strategy for such an event. It really was an eye-opener from the perspective many couldn’t comprehend that the attack surface has changed, because when people are working in your office or in your facility, you have like high quality firewalls like IPS; you pay a lot of money for all this stuff and infrastructure. But, now all of that workforce is now distributed and so they’re working at home.
Companies’ lack of cyber security strategy
“And so, what’s changed at home. Well, a lot of people have wireless routers and they have their own internet access point. If you look at the technology for a lot of those things, first of all they are basic security features. The firewalls and the software that they use, what we call firmware, haven’t been updated for quite a while. So, it’s open to vulnerabilities. Then, because some users who aren’t used to working at home start do share stuff on their personal accounts and so they get a request – their email might not work – the VPN might not work. So, what did they do? They share corporate information; they share personal information over email and that’s the only problem.
“So, I think before now when companies say they have governance infrastructure strategy or policy, what they never considered was their workforce having to relocate overnight; it was never a consideration even in their Disaster Recovery scenarios, it probably was just never there.
“What we’ve now learned is that we do need to have that capability. And what does that mean? What we try to do with customers we’re working with is make them understand what are those different scenarios – what your attack surface is; and that could be from be mobile phones, because there’s lots of companies in North America that also issue their employees mobile phones to be able to do their work. And this is global as well and the people especially the leadership roles are issued a phone from the organization. So, they become bigger targets, potentially, because you can send something to the phone and attackers can inject something into the phone and now be able to intercept communications; all kinds of other things.
“So, it does come down to strategy of understanding what your attack surface is. Who’s going to talk to you and when? For example, we’ve had lots of customers since this whole thing happened, their websites have witnessed significant increase in kind of website attacks. So, we’re seeing customers who collect PII information; now they are heavily attacked because of that information.
“Perhaps, you might have seen some of the news; some of the security issues around Zoom and the issues for that now assuming leadership position; jumping from say 10 million users to a hundred million. Now, people are depending on them for a conversation like this. And so, what has happened is that they became a bigger target overnight whether they wanted to or not.
“What also has happened is that people are now targeting accounts of individuals. We want to use something but we don’t want to necessarily put the controls in place. So, we’ll set up a Zoom account code for the simple password and then all of a sudden it becomes easy for someone actually compromise the account or have a shared account that I’ve used.
“In other words, someone somewhere can now use that against me. And so that’s what happened.
Activities in the dark web
“And so, there’s actually people selling all kinds of hacks right now on the dark web for things like Zoom. Zoom is not the only target, I’m just kind of using them as an example. But you can see Microsoft Teams is also having issues; so a lot of service providers and the tools that we need for business right now are also under attack.
What the future looks like
“So, I think that we need to just understand those things because we never thought we were going to have that dependency. So, I think in the future as Executives, especially Security executives – CTOs, CIOs – what we will need to do is when we’re looking at our security plan for deployment, we’re going to have to think potentially those really far-out kinds of examples of what is going to happen. And how we are going to stay ahead or respond effectively. How we are going to protect our employees in the field with their technology. When our infrastructure is under attack, how we are going to mitigate that knowing that we cannot deploy someone on site depending on the situation and then also what we do for isolation and not isolation of our employees. Isolation here is of that device; so all of a sudden you have a compromised phone that is attempting to get into your infrastructure or you have a compromised laptop trying to get into your infrastructure; did you identify it and did you locate that user? Those are the key things like being able to understand and see the real life change – like monitoring of your systems is critical right now. If you can’t do that you become an easy target and those are the big things that I think we’re seeing among companies right now.
Advice to CTOs, CIOs
“They’re kind of struggling to keep up with remote administration and remote monitoring; to be able to support staff working remotely. They didn’t have the staff trained and ready to do those things. They are the companies struggling right now. So, those are the new models we need to think about. We could be getting back to work in a few months, but then, there are possibilities of a second wave of Covid-19 pandemic. If that actually happens, you know, we’re back to where we are right now. We are going to be back working from home.
“So, companies, basically the CIOs and CTOs have to think about that and what that is going to mean for them. But, it would be better to get prepared for it from a technology perspective.
“There’s a term called flat-footed. It means that you’re not moving. It’s a term used in hockey. I think they used it in football as well. So, it basically means you’re standing still and you weren’t thinking about those impacts.
“So, I think as Executives we should be prepared to be more agile; we can be more agile from a cybersecurity perspective to make sure the security and privacy are considered a novel effect model.
This is the concluding part in the CIO Africa Leadership Series hosted by CIO Masterclass Africa; Africa’s premier CIO platform establishing an ecosystem where Africa’s technology leaders can connect, collaborate, learn and resolve. To be part of this growing community please reach out to [email protected].