While you’ve been busy worrying about the bottom line, cybercriminals have been quietly probing your vulnerabilities within the context of your COVID-19 distraction. Just ask the World Health Organization (WHO), who publicized the news of an attempted data breach during the height of the pandemic’s spread. The truth is, malicious software and digital terrorist threats continue to worsen, with no mercy spared for any company, of any size. Here’s why your organization should work to mitigate cybersecurity risks now —and in the future.
Cyberterrorism expanding in 2020
Briskly declining markets and growing unemployment panic did not make a dent in the resolve of cybercriminals seeking your data. Over the last few months, it seems the one job segment not affected by COVID-19 are the cybercriminals bent on malfeasance. While you’ve been worried about the transition to remote work, employee safety, and supply chain and market crashes, digital criminals continued to make an impact:
- In March, the U.S. Health and Human Services Department (HHS) experienced a cyber-attack aimed at disrupting their coronavirus response.
- In April, the World Health Organization (WHO) reported a five-fold increase in the volume of cyber-attacks targeting their staff.
- In May, the latest data showed a 238% increase in cyber-attacks against banks and financial institutions.
The Federal Bureau of Investigation (FBI) warned that foreign nation-state hackers are targeting healthcare institutions and research facilities under pressure to treat COVID-19 patients or to quickly find a cure for the illness. Cyber-attacks reported to the FBI spiked by 400% since the virus hit the United States.
This all comes, of course, as many businesses have moved their operations online in an effort to slow the spread of the virus. How these companies, both large and small, shore up their cyber defenses now will have a huge impact on their future business. As remote work stabilizes and becomes our new normal, how should organizations improve their data security to stay ahead of the current cyber threats?
Remote work and data security
Earlier this year, technology leaders and their teams were challenged to shift workforces to remote operations. Now, there are signs that this crisis-driven trend may be evolving into normalcy for many organizations.
But crisis security measures may not have the resilience of a long-term security plan for remote workers. IT teams must now lock down temporary measures to ensure long-term security as we continue to feel the effects of COVID-19 on our workforce.
Cybersecurity best practices for remote workforces should include:
- Multifactor authentication (MFA) for all digital devices, including any personal tools used to access business networks.
- Employee education and communication, particularly around two of our most common cybersecurity weaknesses: phishing email scams and weak passwords. Home routers, software, and computers should be updated with the latest security patches regularly. Educating home-based workers on the latest email scams, along with testing worker awareness should become a regular part of IT security strategies.
- Safe file sharing is another critical area where end-user education can have an impact. This includes setting rules for personal smartphones related to non-sanctioned downloadable apps — a growing target for bad actors.
- Video conferencing security will remain critical. Employee collaboration now relies heavily on these tools. Each employee should be aware of the enhanced privacy measures including lock meeting features, password protection, waiting-rooms, and content sharing restrictions.
Three of the biggest hazards related to remote work include home Wi-Fi security, phishing scams, and insecure passwords. Staying prepared for these challenges is a long-term goal for most IT teams who recognize remote work is likely here to stay.
Staying prepared for new or evolving cyber threats
Mobile cyber threats are increasing, and the latest data shows 41% of employees report sharing corporate data using personal apps at least once a week. This is just one example of how remote workers will increase the risk of cyberterrorism for your company.
CIO Dive surveyed the at-home workforce and found about one-half of workers use secure corporate VPNs to access company data. Nearly one-third admitted they are not sure about their Internet encryption features. They also found that our quick transition to remote work required nearly one-half of companies to adopt new collaboration and communication software like Zoom, which experienced some security glitches earlier in the year.
It’s critical that businesses of all sizes invest in cybersecurity now. Finding security options that cover all areas of your online operations will have a direct impact on data security. The Windsor Group Sourcing Advisory is poised to help organizations seeking a comprehensive evaluation and strategic cybersecurity and business continuity planning process. Start the conversation with our team of consultants to mitigate your future risk.