Cyber security and home working

For example, some employees may be using their own equipment which may not be protected in the same way they would be within the company’s usual secure environment.

In recent weeks it has also been well documented how hackers are using coronavirus conspiracy theories to spread phishing scams, including many e-mails that appear to come from legitimate sources.

Both the National Cyber Security Centre in the UK and the Cybersecurity and Infrastructure Security Agency in the US issued a joint alert on April 8 to warn that hackers are attempting to exploit the Covid-19 pandemic, stating that cyber criminal are using malware and ransomware to target businesses across the UK and US.

Scams include e-mails that claim to provide information about new coronavirus cases in your area or to offer tax refunds. The primary purpose of these malicious files or links is to install malware on victims’ systems in order to harvest personal details.

To keep company data and networks secure organisations should implement appropriate safeguards. These may include:

• Effective enforcement of remote working and data governance policies;
• Controlling access to corporate systems;
• Utilise multi-factor authentication for networks and business applications;
• Where appropriate ensuring devices encrypt data whilst at rest and/or are correctly configured to do so;
• Assist employees in setting up secure home wi-fi and mandate public wi-fi is not to be used;
• Reminding employees to remain vigilant when opening e-mails, attachments and embedded links (especially from third parties they do not recognise);
• Support employees throughout the outbreak period, providing additional training where appropriate
• Procuring comprehensive cyber insurance (if not already in place) and/or notify insurers of any changes to your normal security protections, to ensure this does not compromise existing coverage