Escaping chaos: making it through 2020
No doubt by now you feel as though everything is coming apart. Unchecked political greed, terrorism as a means to an end, and cyber warfare growing exponentially.
There can be no doubt that there is a large body of people who feel as though they will lose even more profoundly unless they "reverse" current trends. For example, the Chinese Communist Party (CCP) is telling their apparatus that the fast recovery of the USA from COVID might cost them 100 years of progress against the West. Apparently, within the CCP up to 70% of the members are unhappy with President Xi. So China is in conflict militarily with India. They appear to be preparing for a military assault on Taiwan. They are instigating conflicts with 13 countries in the South Pacific and attacking many western countries using cyber warfare at the same time. It is safe to say that the current leadership feels their back is against the wall and they must do everything to keep their power.
Marxists everywhere are openly calling for violence to make political gains. The very definition of terrorism. A Canadian citizen attempted to kill the President of the United States with poison. People in this country are openly committing treason and threatening more violence and the doomsday "burn it all down" rhetoric. We have already seen that their followers do not distinguish between words and commands to action, so there can be no doubt there will be more devastation. All because they do not like losing power. It apparently has not occurred to them that regular people do not like being bullied and they will not reward violent dictators and their commands to comply.
Political and military conflicts create new risks to organizations and most are not trained to operate well during such upheaval.
From a cybersecurity point of view, all the chaos represents a massive wave of threats. We have seen silly attacks like Denial of Service (DoS and DDoS), but we have also witnessed insider threats causing damage.
Now more than ever, organizations need to tighten up their cybersecurity and prevent malicious insiders from harming them over some ridiculous political zealotry.
Organizations must:
- Ensure all systems are up-to-date with their security patches. Use a commercial solution or open-source, but do it now.
- Clean up user access. Least-privilege access is more important than ever.
- Review, update, and verify backups for all critical systems/networks. Increase backup frequency. Distribute backups across geography, and use cloud archiving as a final protective layer.
- Now is the best time to study up on and implement zero-trust design for your networks and systems. If you need help, ask for it.
- Update incident response playbooks/runbooks to reflect your organization's current operations and walk the teams through them until they know at least the basics.
- Establish "commander's intent" and communicate it to all staff. Empower your staff to follow the commander's intent on their own.
Organizations should:
- Obtain insider threat training. The Department of Homeland Security offers free resources and training. Remove anyone/everyone who is preparing to cause your organization harm.
- Increase logging. Log all failed password attempts, access denials, and reboot frequency.
- Implement some form of Security Incident and Event Management tool (SIEM). They take forever to tune, but you can quickly aggregate logs from all your security devices, Windows systems, and network infrastructure. At the very least, capture the data/evidence.
- Adjust DMZ assets (web servers, email systems, etc.) to provide greater protection against Denial of Service attacks. The Tech Data Cyber Range has advice on the ways to do this effectively.
- Build greater threat hunting skills on your cybersecurity team.
- Invest in training your cybersecurity team to make their skills current.
- Find ways to decompress your cybersecurity staff. They have been under a great deal of stress and really could use some love.
- Strengthen team unity by reducing/eliminating activities during work/business hours that cause division amongst your staff. Everyone has a right to freedom of speech, but that does not mean you have to be paying them while they exercise that right.
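To make the logging item in the list above concrete, here is an added example (not from the original article) that counts the three signals it names, failed password attempts, access denials, and reboot frequency, in Linux syslog-style lines. The sample lines, hostnames, the choice of sshd/sudo/kernel messages as the sources, and the alert thresholds are all assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in Linux syslog style (not taken from any real host).
SAMPLE_LOG = """\
Sep 21 09:14:02 web01 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Sep 21 09:14:05 web01 sshd[2211]: Failed password for root from 203.0.113.7 port 50124 ssh2
Sep 21 09:14:09 web01 sshd[2213]: Failed password for root from 203.0.113.7 port 50130 ssh2
Sep 21 09:20:41 web01 sshd[2290]: Accepted password for deploy from 198.51.100.20 port 40022 ssh2
Sep 21 10:02:11 db01 sudo:    carol : user NOT in sudoers ; TTY=pts/1 ; PWD=/home/carol ; USER=root ; COMMAND=/bin/cat /etc/shadow
Sep 21 11:30:00 db01 kernel: [    0.000000] Linux version 5.4.0-48-generic (buildd@example)
Sep 21 13:05:17 db01 kernel: [    0.000000] Linux version 5.4.0-48-generic (buildd@example)
Sep 21 13:40:52 db01 sshd[911]: Failed password for carol from 198.51.100.20 port 40311 ssh2
"""

# Syslog prefix: month, day, time, hostname.
HOST = r"^\w{3}\s+\d+ [\d:]{8} (?P<host>\S+) "
FAILED_PW = re.compile(
    HOST + r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+)")
SUDO_DENIED = re.compile(HOST + r"sudo:\s+(?P<user>\S+) : user NOT in sudoers")
# The kernel banner is logged once per boot, so it serves as a reboot marker.
BOOT = re.compile(HOST + r"kernel: (?:\[\s*[\d.]+\] )?Linux version")

def summarize(log_text):
    """Count failed passwords per source IP, sudo denials per user, boots per host."""
    failed, denied, boots = Counter(), Counter(), Counter()
    for line in log_text.splitlines():
        if m := FAILED_PW.match(line):
            failed[m["src"]] += 1
        elif m := SUDO_DENIED.match(line):
            denied[m["user"]] += 1
        elif m := BOOT.match(line):
            boots[m["host"]] += 1
    return {"failed": failed, "denied": denied, "boots": boots}

def alerts(summary, max_failed=3, max_boots=2):
    """Return items worth a human look; the thresholds are illustrative assumptions."""
    out = [f"{n} failed passwords from {src}"
           for src, n in summary["failed"].items() if n >= max_failed]
    out += [f"sudo denied for {u} ({n}x)" for u, n in summary["denied"].items()]
    out += [f"{h} booted {n} times" for h, n in summary["boots"].items() if n >= max_boots]
    return out

if __name__ == "__main__":
    for item in alerts(summarize(SAMPLE_LOG)):
        print(item)
```

The same three counters are what you would forward to a SIEM once one is in place; until then, a summary like this at least captures the evidence per host.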
Considering how disruptive 2020 has been, you also need to take a breath. There have always been many who seek to destroy our way of life. They will not stop. Neither should you. The fact they are screaming louder and have lost all self-control means they are losing, not you.
Stay strong.
Cybersecurity & Tech Evangelist | Star Trek Fanatic | Human
4 years ago
Great article, Brett. You are always on point and full of critical actionable information!