Companies can't afford to sleep on cybersecurity
Research showed that 27% of employees have received phishing e-mails related to Covid-19 while working from home.
With an increasing number of businesses making the transition to go fully digital and online during the Covid-19 pandemic, security experts have cautioned that organisations should not treat cybersecurity protocols as a one off investment.
Maher Yamout, senior security researcher at Kaspersky, told Khaleej Times that as businesses scramble towards shifting their operations online, most of them fail to equip their employees with the cybersecurity training needed to protect themselves from cyber threats.
Kaspersky's recent 'How Covid-19 changed the way people work' report, 73 per cent of employees working from home have not yet received any specific cybersecurity awareness guidance or training designed to keep themselves secure from risks.
"As a result of these relaxed security measures, organisations are seeing an increase in security threats," Yamout said. "In fact, 27 per cent of employees have received phishing e-mails related to Covid-19 while working from home. Accidentally downloading malicious content from a phishing email could cause major losses to businesses data."
Businesses, he said, have certainly faced a number of challenges during this unprecedented time. "It is important that while businesses encourage their employees to shift towards remote working that they also place a great deal of importance on cyber security to ensure that their corporate networks are protected. The increase in the number of users working on online resources and Virtual Private Networks (VPN) could cause a strain on networks causing IT departments to focus less on security. This gives cyber criminals the opportunity to exploit an insecure connection."
He also added that businesses of all sizes, and individuals working from home, will continue to be a victim of such threats, at least till the pandemic pass.
Similarly, Sergii Marchenko, CIO at Securrency, a developer of institutional-grade blockchain-based financial and regulatory technology based in Abu Dhabi's Hub71 tech ecosystem, said that the importance of cybersecurity to businesses cannot be overstated - whether that is during a period of financial growth, economic crisis, or in the current pandemic.
"The uptake in remote working triggered by the pandemic, which will likely continue for many individuals into both the medium and long-term, has particularly significant implications for business cybersecurity," he said.
Remote working from public places such as restaurants, cafes, public Wi-Fi, as well as from home, increase the likelihood that workstations can be compromised by a cyberattack.
"Cybersecurity is paramount in the current remote working environment, and cannot be ignored or delayed until later: the impact of a compromised workstation of a systems admin, manager or CEO is devastating - no matter the size of a business," Marchenko said.
On a rudimentary level, he explained that there are several steps that all employees can take to ensure the security of devices. Ensuring that operating systems and software are up to date is one of the easiest ways to lower the risk of a system being compromised. Vulnerability and patch management should be in place on all corporate devices to mitigate this risk.
"Cybercriminals have stepped up their activities in this new environment, a phenomenon exemplified by the frequency of ransomware attacks rising throughout 2020 in the wake of the Covid-19 pandemic. It is critical therefore that companies and individuals also increase their efforts and daily vigilance to combat these bad actors," he said.