- The increased numbers of employees working remotely presents an opportunity for cybercriminals.
- Companies must be vigilant and maintain proper controls on their data and finances.
- Leaders, IT departments and staff must work together to prevent vulnerabilities.
As the world stands together to defeat the coronavirus, another invisible threat is emerging from a different sort of viral adversary: Cybercriminals.
Distracted employees keeping businesses running from home are seen as particularly vulnerable targets for phishing and ransomware attacks as remote working creates new opportunities for stealing sensitive information and for new types of social engineering tactics.
Global losses from cybercrime already reach into the trillions each year and those losses could be all the more devastating for individual businesses given the economic uncertainty brought by COVID-19. As more individuals are compelled to work remotely, it will take a determined focus by all parts of an organization to maintain proper controls on sensitive information and finances.
Such threats must be treated with their own forms of hygiene to prevent infection. Employees must understand the importance of simple, preventive measures they can take every day. Practical tips, such as not clicking links from untrusted users, or not providing account details to unknown sources, can be powerful.
But the current environment requires an even higher level of vigilance across the team. Before allowing remote connections, companies should be certain that employees are adequately trained to fend off potential cyberattacks and know how to report a compromise – particularly when they are working remotely. Only secure connections, preferably through a virtual private network (VPN) or other encrypted mechanism, should be permitted. Multi-factor authentication is another common layer of security which should be deployed across networks. These tried-and-true preventive measures will help maintain a secure digital environment and reduce overall cyber-risk for the organization.
Other cyber-risk management methods may be less well-known, particularly for smaller companies, but should be considered. For example, a mobile device management (MDM) approach creates security controls and an encrypted environment for documents and emails stored in employees’ computers, tablets and smartphones. Companies that use cloud services, meanwhile, should confirm that their security configurations are appropriately strong and are monitored for unauthorized manipulation.
IT departments must ensure that configurations are up-to-date, newly discovered vulnerabilities are patched immediately and that any attempts to connect from suspicious internet addresses are detected as quickly as possible. The department should blacklist access from countries where employees would have no reason to be connecting to the corporate network. It is likely that IT departments will require more resources to maintain the technical infrastructure and manage the heightened fragility of networks that are being put under strain by the increased number of remote connections.
The success or failure of addressing cyberthreats during the COVID-19 pandemic will help answer some of the questions that businesses are now weighing anxiously: Are our preventive capabilities and capacities adequate? Can we rely on external service providers in a cyber pandemic, given the demands on their resources? And how do we ensure that digital supply chains of computing capacity, data storage and the platforms on which applications operate are threat-resilient?
As we work through this unprecedented health crisis, we must not overlook the exposure to cybercrime that comes with it. And in the same way that we are strengthening our defenses against COVID-19, we should not overlook the parallel work that needs to be done to ensure a healthy and sustainable cyber future.
This article was originally published by the World Economic Forum:
written by: Lori Bailey - Global Head of Cyber Risk, Zurich Insurance Group