Cyber security is a constant concern for businesses as cyber-attacks risk theft of information, financial damage and harm to a company’s reputation (particularly if you regularly store and manage data on behalf of clients).
While many businesses have protective measures in place to manage security threats in ordinary circumstances, it is pertinent to consider how the current climate poses new challenges and opportunities for cyber-criminals and hackers, including the fear surrounding COVID-19 and the sudden increase in remote working.
A gradual shift towards remote working had already begun for some businesses before COVID-19 made it a necessity for the majority, but now it has become the new normal for countless employees who until recently worked in busy office environments.
While working from home has many benefits and has allowed a significant number of businesses to continue to run during this unprecedented time, there are potential cyber security risks that can arise from remote working. Therefore, it is crucial to adapt and prepare for these threats.1
An effective way to mitigate human error and ensure everyone is aware of the best practices for security is to produce a remote working security policy to share with your team. If you would like assistance from our cyber security specialists to put together a comprehensive security policy tailored to your business, please get in touch.
Phishing is one of the most prevalent security threats surrounding COVID-19. There have been many incidents of criminals using spam emails or text messages to pose as official bodies such as the UK government or the World Health Organization, asking for sensitive information or requesting people open/click malicious attachments and links.
Whether they are enticing unsuspecting victims by suggesting they can “claim a tax refund from HMRC to help protect themselves from the coronavirus outbreak”2 or asking for donations toward coronavirus relief posing as the WHO, cyber-criminals are working around the clock to exploit individuals and businesses.
You can prevent phishing by checking the email address of the sender and comparing it to verified addresses (for instance, the WHO use addresses such as, ‘person@who.int’). However, a sender with the correct domain name may have forged the address to be more challenging to detect.3 It is therefore also wise to consider why someone would need your personal information and to report emails like this as spam.
If you have a security team within your business, they will be able to look into any messages like this for you and verify whether they are a threat. Alternatively, if you are concerned and need to outsource support, you can speak to our expert team by calling 02382 354320.
Although the coronavirus outbreak has sadly been a popular topic for cyber-criminals to exploit by preying on people’s uncertainties and fears, it is also essential to remain vigilant and aware of other threats. As people are preoccupied with the pandemic, many other threats can slip through the cracks. It is imperative to apply the same caution to all suspicious incoming emails or text messages, regardless of the subject matter.
Now that many companies are working remotely, there is inevitably further demand for cloud solutions as organisations seek to accelerate their digital transformations. While the cloud offers many advantages such as increased flexibility and simplified collaboration between employees, you must be adequately acquainted with necessary security measures to remain protected from attack or penetration. Data backups, strong passwords and encryption help avoid threats.
With many companies having adopted the cloud to store their resources and information, new security challenges arise. Without a robust strategy for cloud security, you risk harmful misconfiguration, distributed denial-of-service (DDoS) attacks and data breaches. You can maintain greater control and privacy through private cloud computing by restricting access to your network. Nonetheless, it remains the responsibility of your business to operate and manage cloud activities securely to detect or prevent attacks.4
Our cyber security team have years of experience helping businesses prepare for all forms of cyber security threats, from phishing to exploitation of cloud vulnerabilities. We specialise in penetration testing, assessments of security policies and procedures, and have first-hand experience successfully managing the potential risks of remote working.
We can help you keep your business and data secure, whether you are looking for temporary help during the current climate or ongoing support. Fill out our contact form, and we will be in touch to help safeguard your business.
1 Soare, B., 2019. What Are The Cyber security Issues With Remote Work?. [online] Heimdal Security Blog. Available at: <https://heimdalsecurity.com/blog/cyber > security-issues-with-remote-work/ [Accessed 5 May 2020].
2 GOV.UK. 2020. Examples Of HMRC Related Phishing Emails And Bogus Contact. [online] Available at: < https://www.gov.uk/government/publications/phishing-and-bogus-emails-hm-revenue-and-customs-examples/phishing-emails-and-bogus-contact-hm-revenue-and-customs-examples > [Accessed 5 May 2020].
3 Who.int. 2020. Cyber security. [online] Available at: < https://www.who.int/about/cyber-security > [Accessed 5 May 2020].
4 Ncsc.gov.uk. Implementing The Cloud Security Principles. [online] Available at: < https://www.ncsc.gov.uk/collection/cloud-security/implementing-the-cloud-security-principles > [Accessed 5 May 2020].