Over the last year or two, businesses across the world have had to deal with change and upheaval on a vast scale. Political shifts such as Brexit or the US-China tariff wars made many supply chains volatile. Then Covid-19 left everyone scrambling to find their ‘new normal.’
In the wake of the pandemic, our collective online activity surged. More people were allowed to do their jobs while working at home. Those who had to deal with local lockdown measures had no recourse but to go online for entertainment and social interactions. These changes have led to a considerable increase in cybercrime activity, with many organizations and end-users unprepared to address vulnerabilities.
However, this so-called ‘cyber-pandemic’ doesn’t have to be a disaster. Communities have found various ways of adapting and responding to Covid-19, such as an MIH platform for EMS services. Likewise, we can see the cyber-pandemic as an opportunity to step up. Here’s how your organization can be a leader in its cybersecurity response.
Understand the rise of cybercrime
The global fear and uncertainty regarding the coronavirus is a significant reason behind the rise of cybercrime in recent months. Reports indicate an increase of 600% in malicious emails, for instance. Several fake coronavirus-related apps have been removed from the Google Play Store, which attempted to invade the user’s privacy.
Hackers have targeted healthcare and medical research organizations, and are also increasingly impersonating them to lend credence to various online scams. These include spamming links through email and social media, or putting up fake websites to solicit payment information from an unsuspecting user.
The cyber-criminals are exploiting this unique situation, but their methods aren’t new. Phishing, malware, and social engineering have been constant threats in the cybercrime landscape for years. Cybercrime continues to focus on the easiest targets in the virtual realm: the end-users. And in today’s world of work-from-home employees, that likely includes a large portion of your team.
Adopting measures in response
No one can be sure yet of how things will eventually shake out once the threat of the pandemic has receded, but remote work might be here to stay. Thus, it becomes imperative for businesses of any scale to take the necessary measures to protect their employees as the balance of jobs shift towards greater online communication and collaboration.
Even before the cyber-pandemic, experts had pointed to the human element as the weakest link in most business systems. If you haven’t made a point of training people about the risks of opening suspicious emails, downloading files or attachments from unverified sources, or using secure passwords, now’s the time. Make those training adjustments, circulate reminders, and conduct periodic refreshers as needed.
The relatively ad-hoc nature of adjustment to recent events means that some businesses might shift to remote work without being fully-prepared in terms of infrastructure. This can amplify the risk factor in two ways. First, it encourages the practice of BYOD (bring your own device). Issuing a company-provided device to employees requires added logistics and effort; it’s more convenient to let people use their own laptops and reimburse them. But these devices are far less likely to be sufficiently secured.
The second risk arises when rolling out security patches and updates. When people work remotely, they tend to be asynchronous. Everyone might be present for a video conference, but outside of that, they probably go online and access your company resources at different times. Thus, although user behavior remains the top risk, it’s vital to ensure uniform, strict levels of security throughout your business infrastructure.
Leading with risk intelligence
As the world continues to move forward with one leg treading in the virtual realm, businesses also tend to work together. In this sort of information network, it’s no longer enough to ensure that your internal cybersecurity practices are top-notch. Your company also forms part of a bigger data network, which includes consumers, partners, and vendors.
This challenge can also be viewed as an opportunity for you to lead with risk intelligence. For instance, you can insist that data cannot be shared across organizations without implementing a higher level of encryption and fraud analytics across the network. You can also consult with a professional risk officer to determine opportunities for improvement in the event of a second wave or similar crisis.
On the evidence of the last couple of years, our world seems to have entered a highly volatile period. Rapid and sometimes dramatic change might become the norm. Yet disruption doesn’t always have to be negative. Understand what you can do to ensure top-class cybersecurity, and your company can earn distinction across tomorrow’s potential consumers, employees, and strategic partners.