Unfolding the Future


Cybersecurity in the age of remote working

No thanks to the disruption Covid-19 has caused, the most vulnerable targets of cyber attacks are now those working from home. Here’s what you can do.

By Charmian Leong

It’s heartening to see how quickly the world has rallied against the onslaught of the coronavirus pandemic, with businesses and people doing what they can to implement safe distancing measures. But it’s easy to forget that the threat isn’t just physical — it’s virtual, too. Pandemic-related cybercrime is on the rise, as Interpol has detected some 907,000 spam messages, 737 malware incidents and 48,000 malicious URLs between January and April alone.

According to Interpol Secretary General Jurgen Stock, “cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by Covid-19.”

Offices may already have beefy security systems in place, but with an unprecedented number of people now working from home or remotely, employers must now consider possible security breaches from their staff’s personal devices and unsecured home networks as well.

What your employees can do

In 2019, cybersecurity firm CybSafe carried out an analysis of data from the UK’s Information Commissioner’s Office (ICO) and reported that 90 per cent of cyber data breaches were caused by user error. Now with the increased emotional and financial stress following the spread of Covid-19, this figure is expected to rise.

To reduce such risks, have everyone connect to a corporate Virtual Private Network (VPN). But take note that hardware-based legacy VPNs are now struggling to keep up with the surge of new users, so it’s best to look at scalable and cloud-based security solutions. For example, Secure Access Service Edge (SASE) is one such cybersecurity concept that has been gaining popularity because it allows organisations to gain secure cloud access to applications, data and services no matter where the user is.

Given the vast array of communication apps available today, it will also help to standardise the platforms used. This means choosing just one video conferencing app, one file-sharing service, one messaging app and so on, and sticking to it. If there’s been a breach, it will be easier to pinpoint the source. For those who don’t have the luxury of an in-house video conferencing platform, employees should remember to use whatever security functions their legacy programs provide, such as virtual waiting rooms, virtual backgrounds and password-protected meetings.

If in doubt, employees should turn to a good old-fashioned phone call to confirm emails and texts that request sensitive data or funds, since phishing scams have grown more sophisticated in their deceit.

What you can do

Cybersecurity trainings through walkthroughs and simulations are useful, but tailoring them to the specific needs and responsibilities of different departments is key to helping them respond quickly and effectively to cyberattacks. Guidelines should also be clear, and should cover topics like new threats, required actions, and rules for data use.

Spending more money is probably the last thing management wants to do given the current economic climate, but the amount you pay for buying licenses for top security software, updating existing software, and hiring risk management and fraud management teams will still be less than the cost of a major data breach. This applies to hardware as well. Samsung mobile devices for instance, have Knox security platforms built in, thus adding a level of protection to company-issued devices.

Finally, and perhaps most obviously, backup all critical systems regularly and keep them both offline (in data centres) and online (on the cloud). Now that even more corporate data lives in laptops and phones — both susceptible to damage and theft — it is also important to factor them into your data recovery plans.

It’s a troubling and troublesome time for all of us, but the pandemic has given us the perfect opportunity to think more proactively about our cybersecurity.

Find out more about Knox here.
About Charmian Leong
Charmian Leong is a luxury lifestyle writer who has spent over a decade investigating fancy things and people. Prior to choosing the unpredictable path of a freelancer, she was covering leaders and libations (not at the same time) at The Peak Singapore.