Cybersecurity & COVID-19 – Five Tips

COVID-19 has forced a new reality on businesses the world over, forcing millions into working remotely and making companies face up to new cybersecurity challenges. According to Deloitte’s Cyber Intelligence Centre, the pandemic has seen an increase in phishing and ransomware attacks and malspams, as attackers target employees working from home, often on personal devices.

So, how can businesses best protect their critical data from attacks like this? Here we outline five key tips to enable your company to combat cyber-security threats in the age of COVID-19, through technologies, meticulous planning and ensuring employees are properly educated.

1. Protect your critical capabilities

Taking certain key measures can enable your company to maintain its cybersecurity and keep critical processes untouched. Firstly, by cataloguing critical assets in an inventory you can eliminate potential vulnerabilities and develop an effective strategy to monitor and manage them.

You can protect assets through measures such as layered access for privileged users to access critical systems. This can help you to detect suspicious activity and guard against attacks. Overall, investing in solid authentication measures will help keep you secure, as will monitoring activity on critical assets.

2. Plan properly for remote working

Meticulously integrating aspects of remote working into your cybersecurity policy will help your company transition to having more remote workers (after all, homeworking is a growing trend, even without the impact of coronavirus).

Make sure your policies account for things such as remote working access management, privacy data considerations for employees accessing sensitive data and, perhaps most importantly, factoring in the use of personal devices.

If your employees are working on their own devices, they will need to have the same level of security as company-owned devices. Doing this may take time, but it is an absolute must to invest in in order to protect your critical data and assets.

3. Harness the power of the cloud

A cloud-based security architecture can ensure that remote employees are as protected as possible, without the need for expensive hardware or software. A cloud solution can also enable you to utilise threat hunting across devices, even those that are not on your network or outside of your firewall.

The cloud can also give you more comprehensive visibility of the devices that connect to your network, whether they are on-premise, remote company devices or personal computers, keeping your security team on top of network activity.

It of course goes without saying that a cloud-based security solution is also scalable and flexible. It can flex to meet the demands of your workers, offering scalable real-time protection for your remote workforce, however big it is.

4. Plan your crisis management

In the unfortunate event that a cybersecurity incident does occur, you’ll want to have a reliable, minutely-planned crisis management process in place. This must be quickly and efficiently executable and adaptable to the incident at hand.

A cloud-based solution can again help you in this regard, allowing a team that is widely dispersed to communicate quickly and easily and respond to the threat as if they were in the same room.

5.  Foster a culture of security and continuous education

Last but absolutely not least, creating a company culture in which all employees are as cautious as possible with regard to threats and regularly trained on cybersecurity measures can go a long way to keeping your company secure.

Even when working remotely, you can keep your team up-to-date on things such as how to spot and avoid suspicious emails, the methods scammers may use to lure them to malicious sites (impersonating charitable causes is a common one and has been prominent during the pandemic) and the company’s incident response procedures.

Ensure your team can easily contact IT or cybersecurity personnel if something goes wrong and that they are up to date on company security policies, such as least-privilege access, and any anti-malware or anti-phishing technologies or capabilities used.

A remote workforce and the different cyber-threats raised by the coronavirus pandemic may have presented different challenges for your company’s cybersecurity measures, but that’s no reason that your security should be compromised or lessened in any way. With the right procedures, technologies, education and communication channels in place, you can ensure that your employees are staying safe from cyber threats while they’re staying safe at home.