With the resurgence of Covid-19 cases in Mauritius which led to yet another lockdown, a rise in cyberattacks has been noted. Sheryl Lingachetti, Chief Information Security Officer at IgKnight gives an insight into cyber threats and how businesses can protect themselves from them.
What are the Covid-19 cyber threats businesses should be aware of?
With Covid-19, we have seen that most businesses have actually switched to a work from home model for their business continuity. This means that a lot of business activities are being conducted now on less secure home networks. Work from home also shifted patterns in working hours hence cyberattacks happening all around the clock now as employees are more likely to have information like financial details or very sensitive information at all times rather than in typical office hours where one would usually log on their work station within the corporate environment with better IT security. We have also seen phishing attempts on the rise and there has also been a resurgence in virus-infected pdf and word documents being shared by emails. Some employees have been using their personal PC and mobile phone, these devices come with risks as they are not patched as often or updated as necessary thus creating entry points for attacks such as ransomware.
Are businesses aware and prepared to face the new types of threats?
A lot of businesses are actually aware of these threats, however, most of them have been intimidated by the increased expense and investment they need to do. Some don’t even see these expenses as worth since they have never been affected before. I can tell you no system or network is unhackable, however, we can use our experience knowledge to reduce and mitigate those risks. Being unprepared when an attack happens is very damaging and the financial cost to rebuild far exceeds any implementation cost or a good cybersecurity framework.
How to better protect your company from rising cyber-attacks?
Like I mentioned earlier, a solid cybersecurity framework or plan is key here. Regular audits, constant mentoring, vulnerability assessment, and penetration testing done on a regular basis are very important. Another important aspect is also employee education where employees are taught of the social engineering attacks they can be subjected to such as phishing, phone calls, scams, and so on. On top of that using proper tools to ensure adequate security on all employee devices such as VPNs, endpoint security like anti-malware and antiviruses, and if you really can afford it try workstation virtualization which brings your desktop environment for your employees onto your cloud system. Another way to protect your company is working with an experienced security operation center like NEC Cyber Defense Operation Center, this can greatly remove the risk burden of businesses as they manage the cybersecurity aspect of businesses.
Add Comment