Covid-19 cyber security threat to impact businesses

2 mins read

Is it possible that COVID-19 could pose the largest ever cyber security threat of recent times?

With millions of employees having to work from home, companies are having to look at how to keep as many business-critical functions running as possible while at the same time maintaining adequate security.

“In the last week alone, we have seen phishing emails go from 25,000 a day to 125,000 – a 500 per cent increase – which means the risk is real," explains Andrew Jackson, CEO of Intercity Technology. "Whilst firewalls included within domestic broadband routers are considered sufficient for personal use and occasional homeworking, they’re not necessarily capable of withstanding prolonged periods of remote working from a large proportion of the workforce, which is why we are seeing more businesses and their employees become the targets of malicious hackers.

"Just because employees are now home based doesn’t mean that security and privacy regulations such as GDPR are null and void and therefore, working closely with a trusted IT security partner is vital to help mitigate against any potential risks.

These kinds of figures demonstrate that the risks to businesses are huge.

According to James Stickland, CEO of authentication platform Veridium, COVID-19 has shone a light on technology, forcing enterprises to innovate, however, some companies are placing their business at risk by taking shortcuts on security measures.

“What makes this situation so difficult are the timeframes. Where typical changes of this scale are planned, researched, deployed and tested over months and even years, the UK now has just weeks to overcome some very real problems. These circumstances, albeit challenging and worrying, do present a long term opportunity for businesses to reassess their security strategies.”

Strickland warns that many companies are facing increasing scrutiny over their identity verification requirements, particularly when it comes to video conferencing tools which have exploded in popularity and that it is vital that secure authentication for remote employees is provided.

He argues that software based authentication that can be delivered remotely will be key to improving cybersecurity for home workers.

“Authentication measures that require passwords or PINs put pressure on already inundated or unavailable IT helpdesks through resets. More and more organisations are realising the benefits of taking a multi factor biometric approach to security, which can efficiently safeguard sensitive employee and customer data whilst future-proofing their business,” he believes.

Jackson suggests that because working remotely naturally sees technology and data moving away from an organisation’s ‘centre’, it's better to, "secure the communications and data on any company device, so you must look beyond anti-virus and malware software. For example, we'd recommend the provision of Mobile Device Management – a type of security software that helps extend data governance from an organisation’s ‘centre’, to mobile devices across a company’s multiple mobile operating system."

What is certain is that once the crisis passes how the world works will change dramatically.

According to Strickland, flexible working will be more accepted, security will matter more, and relationships will matter more but, in the meantime, Jackson suggests that companies should look at immediate precautionary measures.

Companies need to clearly communicate to their employees that they should follow correct procedures when it comes to potential phishing emails and suspicious emails should not be actioned, i.e. don't click on links, rather, "forward to IT personnel immediately for investigation."

The pandemic is likely to see businesses overhaul their remote working strategies and how they address security.