Part of any good cybersecurity program rests on spreading good habits and inculcating employees with best practices around handling data and using network resources. In this cybersecurity is as much a behavioral challenge as it as a technological one. That’s precisely why the recent coronavirus outbreak, or COVID-19, is so potentially harmful to a company’s cybersecurity efforts.
Already, we have seen a large number of event cancellations and the shuttering of offices around the world as organizations attempt to balance public health concerns with business as usual. Many companies are actively encouraging their employees to work from home if possible. For organizations that do this routinely, coronavirus-related cybersecurity issues will be less of a concern; however, for a great many businesses, working remotely is not the norm, and it will necessarily disrupt work patterns and processes.
Cybersecurity training often teaches employees how to spot threats within their everyday work environments, and as this level of awareness becomes routinized, vigilance depends somewhat on an employee’s ability to identify things that are out of place or unusual, such as an email from an unknown domain or an email request that is out of the ordinary.
When a large number of employees are working remotely—and not used to doing so—suddenly everything in the work environment is a little different. Routines are broken; processes for getting work done might be different than before. Additionally, there is the added likelihood that many employees—in an attempt to be efficient—will use non-secure channels and processes to move data and files. The boundary between secured business networks and unsecured personal networks could become harder to police for IT teams, who will already be hard at work making sure that networks can handle the spike in data moving about the company due to remote workers.
This is an ideal circumstance for cyber criminals looking to exploit vulnerabilities in a company’s data security. Unfortunately, we are likely to see an uptick of criminal activity in light of this “opportunity” for bad actors. Accordingly, it is important to be hyper-vigilant regarding both system security and phishing/social engineering attacks.
To protect against cyber risks during the COVID-19 outbreak, we recommend taking the following steps:
- Create a plan tailored to your organization to keep business operations running while considering cybersecurity. This plan should include technological requirements, procedural requirements, and communications strategy.
- Understand that this type of disruption and change presents a key opportunity for malicious actors and employee errors. Keep this challenge in mind with all COVID-19 contingency planning.
- When shifting to a work-from-home model, if possible, take the following steps prior to rolling out:
- Ensure all employees have secured network access and have organization owned-devices rather than personal devices to use.
- Ensure all employees have sufficient Internet connectivity and access at home;
- Set up security authentication questions (for help desk and others) and multi-factor authentication prior to providing access.
- Obtain additional software access licenses as needed.
- Prepare and provide brief but clear tutorial information to employees on how to access systems remotely.
- Provide education and information prior to roll out to avoid an overloaded help-desk or call center. When the help desk is overwhelmed, it is too easy for errors to occur.
- Remind employees that company confidentiality policies remain in effect, so no work material should be taken home on thumb drives, saved to personal devices, or disposed of at home. Likewise, company information should not be uploaded to cloud or other software programs that are not part of the company’s network or printed through third-party printing companies or services.
- Clearly communicate policies that can avoid social engineering and other similar attacks while working from home. For example, wire transfers and sensitive information should not be sent via email; always confirm requests are legitimate and not fraudulent.
- Test the capacity for remote work on the network and adjust where necessary to avoid outages.
- Implement a staged roll-out if possible.
- Identify individuals from each department that can handle tasks in person if needed.
- Update your Business Continuity Plans and Disaster Recovery Plans. While many organizations have these important policies, it is unlikely they adequately address the challenges and issues that arise with a global pandemic such as COVID-19.
- Proactively review your insurance coverage in the event of disruptions or malicious activity.
While these steps will not guarantee any remote work plans will be bullet-proof, they will reduce the likelihood of malicious attacks, errors and outages.