As more people are working from home using unsecured devices and wi-fi connections, a massive opportunity has emerged for hackers to ramp up their unscrupulous cyber activities. Get to learn the vulnerabilities and some of the best practices to protect your organization’s internal assets.
Cyber incidents are continually topping the charts as the number one concern for businesses and it is easy to see why. It has been estimated that the global rise of cybercrime will augment US$6 trillion a year by 2021.
The COVID-19 pandemic has created the perfect storm of fear, uncertainty, doubt and chaos. Since it began, numerous companies have suffered data breaches affecting thousands of customers. Even the biggest companies in the world have been victims of these cybercrimes. A ransomware attack forced Honda to shut down global operations.
These hackers have upped their game and we have to do the same. Changing cybercrime tactics and a shift to employees working from home elevates the importance of security strategies.
Keep an eye on pandemic-related online scams
It is not a surprise that cybercriminals have adjusted their methods to take advantage of the pandemic. In these unprecedented and uncertain times, hackers are more opportunistic than ever. They have pivoted from sending phishing messages asking for bitcoin, to pandemic-related email phishing scams disguised as information from the World Health Organization or the Centers for Disease Control. They also bait organizations with information about stimulus checks.
Calibrate security for the workforce
In the face of a wide range of cyber threats, companies should begin by assessing the fundamentals. Outlined are some best practices for cybersecurity during the pandemic and otherwise:
- Employees should be wary of any requests for company or personal details and validate the source, including unexpected emails or calls from co-workers.
- Ensure you have updated and installed patches on your devices such as laptops and mobile phones.
- Consider implementing multi-factor authentication.
Assess your employees’ state of mind
What might make somebody more likely to be an insider threat to the organization?
Individuals whose emotional health might be under pressure right now, and who are in a different economic situation than they previously were, pose an increased risk of insider threats.
Under the umbrella of mental health is whether firms should carry on with regular ‘bait-phishing’ exercises whereby organizations send a phishing-type email to their employees to make sure they remain alert to potential scams.
While this might be extremely difficult for companies to consider, employee stress poses an increased risk of insider threats.
Pay more attention than ever to access
Cybersecurity has shifted away from a perimeter-based security model where all assets inside a network are trusted. Instead of these system-centric security models, companies are looking at securing access to information and emphasizing identity as part of their trust culture.
Companies should start embracing zero-trust architecture. Zero-trust is a concept by which
individuals, devices and applications cannot be trusted by default and must be authenticated
and authorized first.
These are some guiding principles that should be followed:
- Assume there’s been a breach
- Always validate, do not trust
- Comply with the principle of least privilege access — granting the fewest people access to data and sensitive information as possible.
- Embrace industry wide collaboration
- Companies can benefit from collaborating and sharing cybersecurity best practices.
Fintechs usually get together and share information on what controls they have established and implemented. Fintech poses the second most frequently attacked industry with healthcare in the first spot.
It is crucial to reach out to other authorities and cybersecurity experts. Your network is more significant than you may think it is. People will share more information than you assume. Hence why it is essential to participate and contribute to the sharing community in order to help one another with the cybersecurity resilience of various industries.
Fast track in adapting to the new normal
Security threats are evolving and we have to know how their strategies have shifted, or not, during the pandemic and offer some best practices for cyber resilience.
It is critical to consider what worked well (and what did not) during the lockdown. Evaluating how to keep your business and technology safe and secure in this ‘new normal’ is paramount.
Is your organization prepared should we need to go into another lockdown? How much effort would it take for you and your teams to revert to remote working? Now is the time for businesses to reimagine and transform into the next generation of cybersecurity.
We are positioning technology as the business enabler to run an organization better and be more proactive. Structured planning and communication can lead to a vast difference in how well prepared and resilient a company is when a crisis strikes.
By being prepared, you can take good care of your staff, customers, and suppliers – harnessing technology to communicate with them and keep working even during unprecedented times like these.
OxygenIT has the best-of-breed cybersecurity solutions that keep up with the new level of threats due to exposure of your company's software assets outside the company's premises. We are committed to educating businesses on how to reduce risk, protect business IP and adapt to the current climate of increased cyber activity . Contact us today.
Join us for free webinars for the most significant cybersecurity and data backup events and get real life insights from industry experts on how to best defend against current and future threats.
Reducing Risk In the Future of Data Security in the Cloud
Wed, Nov 4, 2020 10:00 AM - 10:45 AM NZDT
Busting Recent Trends in the Cybercriminal Undergrounds
Tuesday, 3rd of Nov 10:00 AM NZDT