Téléphone: (+33) 9 75 12 81 19 Email: contact@elitecyber-group.com

COVID-19 raises cybersecurity risks

The global pandemic has forced millions of employees to work from home, all with relatively little training or preparation for those are unused to doing so. The current state of affairs heightens cybersecurity risks for businesses of all sizes. Below are some of the challenges and suggested measures to minimize these risks.

Data loss and privacy breaches

Remote work increases the likelihood that:

  • Devices with company data will be lost or stolen (e.g. laptops or devices left in cabs or public places; thumb drives misplaced)
  • Employees will use computers or devices that are less protected than office-issued equipment, or that operate entirely outside the umbrella of the company’s cybersecurity measures (e.g. firewalls; virus protection; login access controls)
  • Employees will rely on unsecured wi-fi connections in public spaces (coffee shops, public libraries, etc.) that are more susceptible to attack than secure office connections

These factors increase the likelihood of loss of corporate data and of privacy breaches from the leaking of private information belonging to employees and customers.

Make sure your employees are aware of company policies governing device use and security. If you don’t have such policies, now is a good time to consider putting them in place.

Heightened vulnerability to cyber attacks

Cyber criminals and recreational hackers are turning people’s curiosity and anxiety against them with attacks targeted to users seeking COVID-19 information (e.g. some hackers are sending phishing emails purporting to come from health or medical organizations, or even World Health Organization officials; others are posting malware-infested virus maps online to collect users’ personal information).

The proliferation of such attacks increases the likelihood that some will succeed. Remind employees of their information security training and the danger of clicking on unsolicited emails. If you haven’t implemented mandatory regular information security training for employees, you should do so as soon as practicable.

Slackened financial controls

More executives working remotely means it may be harder to implement existing financial controls to prevent fraud (e.g. collection of signatures approving transactions is more difficult; in-person meetings or calls to verify that instructions sent via email aren’t fake are more difficult when executives aren’t in the office or easily reachable by phone). Companies should be monitoring transactions closely and ensuring that any approval workarounds still allow for proper authentication of instructions.

Looking ahead

This crisis will test the cybersecurity posture of Canadian businesses and for many the lessons will be harsh and expensive. If you discovery a cybersecurity breach, follow your incident response plan. If you have cyber insurance, contact your designated breach coach immediately. If you don’t have cyber insurance, you should call your lawyers immediately and ask for a breach coach to co-ordinate your response and recovery efforts. Every hour and day counts in responding to a data breach.

Source : https://www.lexology.com/library/detail.aspx?g=81507811-6811-4147-b8e2-d5ccd7e0972e

AIRBUS
Airbus is a global leader in aeronautics, space and related services. In 2020, it generated revenues of €49.9 billion and employed a workforce of around 130,000. Airbus offers the most comprehensive range of passenger airliners. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as one of the world’s leading space companies. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide. Airbus is an international pioneer in the aerospace industry and a leader in designing, manufacturing and delivering aerospace products, services and solutions to customers on a global scale. We believe that it’s not just what we make, but how we make it that counts; promoting responsible, sustainable and inclusive business practices and acting with integrity. Our people work with passion and determination to make the world a more connected, safer and smarter place, on the ground, in the sky and in space.

Laisser un commentaire

Champs obligatoires *

Guardia Cybersecurity School