Cybersecurity in the time of the latest Coronavirus
Updated: Mar 18, 2020
The rapid spread of Coronavirus (COVID-19) has hit governments, businesses, and people across the globe. With stock prices plummeting, factories shutting down and entire countries going under quarantine - it will take the global economy years to fully recover. So what does cybersecurity really have to do with all of this 'real world' issue? Apparently - a lot.
Businesses whose cybersecurity units will not mitigate the increased risk posed by the Coronavirus outbreak will see a significant increase in exposure.
Here are a few examples of new or increased risk due to the Coronavirus outbreak:
1. Remote Access
An increasing number of employees now have to work from home due to quarantine, fear of infection, and other various reasons. Enabling a work-from-home infrastructure for employees or expanding the existing one carries a greater cyber-risk that needs to be mediated.
Some questions that have to be answered are - What content should be accessed remotely? How secure are the computers allowed to connect remotely? How safe is the VPN service we provide our employees? Can we do anything to better secure employees' home router?
2. Change of Scenery
The standard workplace provides layers of security we usually don't appreciate enough - standard working procedures, access control, physical security and more. Most of these layers are lacking or don't exist at an employee's home and employees working remotely have to be guided by cybersecurity personnel on cyber-risk and the actions they must take to mitigate that risk.
3. General Panic
These times of concern can be distracting to employees using the company's network. The risk of unintentional errors increases for obvious reasons. Working from a less-than-formal environment also allows employees to act in ways that may not be as legitimate in the workplace e.g. surf questionable content, download risky files, etc.
4. The Ever-Ready Attacker
Attackers have already begun exploiting the current situation to their harmful advantage. We're seeing attempts to exploit people's fear of the virus' spread by creating malicious websites disguised as global coronavirus tracking maps, fraudulent emails regarding Coronavirus are sent as phishing attacks and we're even seeing attackers gearing up to target employees working remotely.
Although it looks like all activities take a back seat to business continuity at this time, cybersecurity staff, as usual, must stay alert and proactive to enable ever-changing business processes and lower the risk of cyberattacks.